Action not permitted
Modal body text goes here.
cve-2018-14720
Vulnerability from cvelistv5
Published
2019-01-02 18:00
Modified
2024-08-05 09:38
Severity ?
EPSS score ?
Summary
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T09:38:13.593Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/FasterXML/jackson-databind/issues/2097"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7"
},
{
"name": "[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Assigned] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "RHSA-2019:0782",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"name": "RHBA-2019:0959",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0959"
},
{
"name": "RHSA-2019:1107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"name": "RHSA-2019:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"name": "RHSA-2019:1106",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"name": "RHSA-2019:1140",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"name": "DSA-4452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "https://www.debian.org/security/2019/dsa-4452"
},
{
"name": "20190527 [SECURITY] [DSA 4452-1] jackson-databind security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "https://seclists.org/bugtraq/2019/May/68"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20190530-0003/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "RHSA-2019:1822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"name": "RHSA-2019:1823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"name": "RHSA-2019:2858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3149",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3892",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"name": "RHSA-2019:4037",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2018-07-27T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-31T13:06:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FasterXML/jackson-databind/issues/2097"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7"
},
{
"name": "[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Assigned] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df%40%3Cdev.lucene.apache.org%3E"
},
{
"name": "RHSA-2019:0782",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"name": "RHBA-2019:0959",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0959"
},
{
"name": "RHSA-2019:1107",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"name": "RHSA-2019:1108",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"name": "RHSA-2019:1106",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"name": "RHSA-2019:1140",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"name": "DSA-4452",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "https://www.debian.org/security/2019/dsa-4452"
},
{
"name": "20190527 [SECURITY] [DSA 4452-1] jackson-databind security update",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "https://seclists.org/bugtraq/2019/May/68"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20190530-0003/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "RHSA-2019:1822",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"name": "RHSA-2019:1823",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"name": "RHSA-2019:2858",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3149",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3892",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"name": "RHSA-2019:4037",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14720",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
"refsource": "CONFIRM",
"url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44"
},
{
"name": "https://github.com/FasterXML/jackson-databind/issues/2097",
"refsource": "CONFIRM",
"url": "https://github.com/FasterXML/jackson-databind/issues/2097"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
"refsource": "CONFIRM",
"url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7"
},
{
"name": "[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Assigned] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E"
},
{
"name": "RHSA-2019:0782",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"name": "RHBA-2019:0959",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0959"
},
{
"name": "RHSA-2019:1107",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"name": "RHSA-2019:1108",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"name": "RHSA-2019:1106",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"name": "RHSA-2019:1140",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"name": "DSA-4452",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4452"
},
{
"name": "20190527 [SECURITY] [DSA 4452-1] jackson-databind security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/68"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190530-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190530-0003/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "RHSA-2019:1822",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"name": "RHSA-2019:1823",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"name": "RHSA-2019:2858",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3149",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3892",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"name": "RHSA-2019:4037",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2018-14720",
"datePublished": "2019-01-02T18:00:00",
"dateReserved": "2018-07-28T00:00:00",
"dateUpdated": "2024-08-05T09:38:13.593Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-14720\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2019-01-02T18:29:00.467\",\"lastModified\":\"2023-11-07T02:53:01.137\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.\"},{\"lang\":\"es\",\"value\":\"Las versiones 2.x de FasterXML jackson-databind anteriores a la 2.9.7 podr\u00edan permitir a los atacantes realizar ataques de tipo XML External Entity Injection (XXE) aprovechando su incapacidad de bloquear clases JDK no especificadas de deserializaci\u00f3n polim\u00f3rfica.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-502\"},{\"lang\":\"en\",\"value\":\"CWE-611\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.0\",\"versionEndExcluding\":\"2.6.7.2\",\"matchCriteriaId\":\"A1BA8F04-46A7-4804-A997-59080034013F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.7.0\",\"versionEndExcluding\":\"2.7.9.5\",\"matchCriteriaId\":\"B99066EB-FF79-4D9D-9466-B04AD4D3A814\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.8.0\",\"versionEndExcluding\":\"2.8.11.3\",\"matchCriteriaId\":\"F4D3858C-DAF3-4522-90EC-EFCD13BD121E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.9.0\",\"versionEndExcluding\":\"2.9.7\",\"matchCriteriaId\":\"4DA01839-5250-43A7-AFB7-871DC9B8AB32\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"C43DF125-AD83-4402-BF82-72542F898D6D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"E2DD9CB6-7456-417A-A816-32BD8EC5FA83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"80428392-1050-4980-BF13-49CE32F96478\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"ADA0D863-2917-4E7B-8FF6-B499180D2D4C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED1E9904-73E0-45F3-86A9-6173EE67E74D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1618FF9-0FDC-44BA-9FDA-5EA843C0D2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2:*:*:*:*:*:*\",\"matchCriteriaId\":\"3FEDB0BC-FE4C-4851-A142-96767E337898\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3:*:*:*:*:*:*\",\"matchCriteriaId\":\"75836E44-81A6-42C0-A589-A990887C7F9B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4:*:*:*:*:*:*\",\"matchCriteriaId\":\"F794F46D-8B49-43FE-9EE0-4ECD20F9BCB0\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35AD0C07-9688-4397-8D45-FBB88C0F0C11\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8972497F-6E24-45A9-9A18-EB0E842CB1D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"400509A8-D6F2-432C-A2F1-AD5B8778D0D9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"132CE62A-FBFC-4001-81EC-35D81F73AF48\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E6039DC7-08F2-4DD9-B5B5-B6B22DD2409F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7231AF76-3D46-41C4-83E9-6E9E12940BD9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A9E97F04-00ED-48E9-AB40-7A02B3419641\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FCCE5A11-39E7-4BBB-9E1A-BA4B754103BB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A5AEC7F5-C353-4CF5-96CE-8C713A2B0C92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BB79BB43-E0AB-4F0D-A6EA-000485757EEC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F238CB66-886D-47E8-8DC0-7FC2025771EB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59B7B8AD-1210-4C40-8EF7-E2E8156630A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0DE4A291-4358-42A9-A68D-E59D9998A1CC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D19CF00-FE20-4690-AAB7-8E9DBC68A94F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A030A498-3361-46F8-BB99-24A66CAE11CA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"042C243F-EDFE-4A04-AB0B-26E73CC34837\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"228DA523-4D6D-48C5-BDB0-DB1A60F23F8B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"17.1\",\"versionEndIncluding\":\"17.12\",\"matchCriteriaId\":\"B8249A74-C34A-4F66-8F11-F7F50F8813BF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D55A54FD-7DD1-49CD-BE81-0BE73990943C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"82EB08C0-2D46-4635-88DF-E54F6452D3A3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"202AD518-2E9B-4062-B063-9858AE1F9CE2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"792DF04A-2D1B-40B5-B960-3E7152732EB8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:retail_merchandising_system:16.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46525CA6-4226-4F6F-B899-D800D4DDE0B5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6A4F71A-4269-40FC-8F61-1D1301F2B728\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0952BA1A-5DF9-400F-B01F-C3A398A8A2D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F87326E-0B56-4356-A889-73D026DB1D4B\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHBA-2019:0959\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:0782\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1106\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1107\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1108\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1140\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1822\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:1823\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:2858\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3149\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:3892\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2019:4037\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson-databind/issues/2097\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Release Notes\",\"Third Party Advisory\"]},{\"url\":\"https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286%40%3Cdev.lucene.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f%40%3Cdev.lucene.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442%40%3Cdev.drill.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df%40%3Cdev.lucene.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc%40%3Cissues.drill.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8%40%3Ccommits.pulsar.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2%40%3Cissues.geode.apache.org%3E\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://seclists.org/bugtraq/2019/May/68\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20190530-0003/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.debian.org/security/2019/dsa-4452\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2020.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html\",\"source\":\"cve@mitre.org\"}]}}"
}
}
rhsa-2019_1108
Vulnerability from csaf_redhat
Published
2019-05-08 12:12
Modified
2025-01-19 19:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 7 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)
* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. \n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)\n\n* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1108",
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "external",
"summary": "JBEAP-14861",
"url": "https://issues.redhat.com/browse/JBEAP-14861"
},
{
"category": "external",
"summary": "JBEAP-15392",
"url": "https://issues.redhat.com/browse/JBEAP-15392"
},
{
"category": "external",
"summary": "JBEAP-15477",
"url": "https://issues.redhat.com/browse/JBEAP-15477"
},
{
"category": "external",
"summary": "JBEAP-15478",
"url": "https://issues.redhat.com/browse/JBEAP-15478"
},
{
"category": "external",
"summary": "JBEAP-15568",
"url": "https://issues.redhat.com/browse/JBEAP-15568"
},
{
"category": "external",
"summary": "JBEAP-15617",
"url": "https://issues.redhat.com/browse/JBEAP-15617"
},
{
"category": "external",
"summary": "JBEAP-15622",
"url": "https://issues.redhat.com/browse/JBEAP-15622"
},
{
"category": "external",
"summary": "JBEAP-15748",
"url": "https://issues.redhat.com/browse/JBEAP-15748"
},
{
"category": "external",
"summary": "JBEAP-15805",
"url": "https://issues.redhat.com/browse/JBEAP-15805"
},
{
"category": "external",
"summary": "JBEAP-15851",
"url": "https://issues.redhat.com/browse/JBEAP-15851"
},
{
"category": "external",
"summary": "JBEAP-15869",
"url": "https://issues.redhat.com/browse/JBEAP-15869"
},
{
"category": "external",
"summary": "JBEAP-15876",
"url": "https://issues.redhat.com/browse/JBEAP-15876"
},
{
"category": "external",
"summary": "JBEAP-16025",
"url": "https://issues.redhat.com/browse/JBEAP-16025"
},
{
"category": "external",
"summary": "JBEAP-16037",
"url": "https://issues.redhat.com/browse/JBEAP-16037"
},
{
"category": "external",
"summary": "JBEAP-16086",
"url": "https://issues.redhat.com/browse/JBEAP-16086"
},
{
"category": "external",
"summary": "JBEAP-16090",
"url": "https://issues.redhat.com/browse/JBEAP-16090"
},
{
"category": "external",
"summary": "JBEAP-16091",
"url": "https://issues.redhat.com/browse/JBEAP-16091"
},
{
"category": "external",
"summary": "JBEAP-16112",
"url": "https://issues.redhat.com/browse/JBEAP-16112"
},
{
"category": "external",
"summary": "JBEAP-16122",
"url": "https://issues.redhat.com/browse/JBEAP-16122"
},
{
"category": "external",
"summary": "JBEAP-16123",
"url": "https://issues.redhat.com/browse/JBEAP-16123"
},
{
"category": "external",
"summary": "JBEAP-16124",
"url": "https://issues.redhat.com/browse/JBEAP-16124"
},
{
"category": "external",
"summary": "JBEAP-16125",
"url": "https://issues.redhat.com/browse/JBEAP-16125"
},
{
"category": "external",
"summary": "JBEAP-16137",
"url": "https://issues.redhat.com/browse/JBEAP-16137"
},
{
"category": "external",
"summary": "JBEAP-16146",
"url": "https://issues.redhat.com/browse/JBEAP-16146"
},
{
"category": "external",
"summary": "JBEAP-16147",
"url": "https://issues.redhat.com/browse/JBEAP-16147"
},
{
"category": "external",
"summary": "JBEAP-16234",
"url": "https://issues.redhat.com/browse/JBEAP-16234"
},
{
"category": "external",
"summary": "JBEAP-16259",
"url": "https://issues.redhat.com/browse/JBEAP-16259"
},
{
"category": "external",
"summary": "JBEAP-16276",
"url": "https://issues.redhat.com/browse/JBEAP-16276"
},
{
"category": "external",
"summary": "JBEAP-16321",
"url": "https://issues.redhat.com/browse/JBEAP-16321"
},
{
"category": "external",
"summary": "JBEAP-16347",
"url": "https://issues.redhat.com/browse/JBEAP-16347"
},
{
"category": "external",
"summary": "JBEAP-16356",
"url": "https://issues.redhat.com/browse/JBEAP-16356"
},
{
"category": "external",
"summary": "JBEAP-16367",
"url": "https://issues.redhat.com/browse/JBEAP-16367"
},
{
"category": "external",
"summary": "JBEAP-16368",
"url": "https://issues.redhat.com/browse/JBEAP-16368"
},
{
"category": "external",
"summary": "JBEAP-16369",
"url": "https://issues.redhat.com/browse/JBEAP-16369"
},
{
"category": "external",
"summary": "JBEAP-16381",
"url": "https://issues.redhat.com/browse/JBEAP-16381"
},
{
"category": "external",
"summary": "JBEAP-16418",
"url": "https://issues.redhat.com/browse/JBEAP-16418"
},
{
"category": "external",
"summary": "JBEAP-9657",
"url": "https://issues.redhat.com/browse/JBEAP-9657"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1108.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 7 security update",
"tracking": {
"current_release_date": "2025-01-19T19:44:56+00:00",
"generator": {
"date": "2025-01-19T19:44:56+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:1108",
"initial_release_date": "2019-05-08T12:12:09+00:00",
"revision_history": [
{
"date": "2019-05-08T12:12:09+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-05-08T12:12:09+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:44:56+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.2-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.2-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting-jmx@3.0.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-16.SP12_redhat_4.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-sun-istack-commons@3.0.7-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-istack-commons-tools@3.0.7-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-istack-commons-runtime@3.0.7-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.7-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.8.0-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.1-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.2.4-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-asyncclient@4.1.4-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.8-1.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.8-1.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.8-2.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-byte-buddy@1.9.5-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.8-2.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.8-2.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.8-2.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.8-2.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.3.6-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.2-1.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.8-1.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.8-1.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.8-1.redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.9-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.9-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.9-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.9-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.9-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.2-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.1-2.Final_redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client-microprofile@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.3-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.15-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-runtime@3.2.3-2.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-dv@3.2.3-2.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-bug986@3.2.3-2.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-ts@3.2.3-2.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-boolean@3.2.3-2.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_id": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-xjc-utils@3.2.3-2.redhat_00002.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.7-3.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.19-1.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.0-7.Final_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.6.3-5.redhat_00020.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@1.0.13-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.7-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"product_id": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.1-2.redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"product": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"product_id": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-security-negotiation@3.0.5-2.Final_redhat_00001.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.1-6.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk11@7.2.1-6.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.1-6.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-java-jdk8@7.2.1-6.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_id": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.1-6.GA_redhat_00004.1.el7eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.2-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting-jmx@3.0.1-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.1-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-16.SP12_redhat_4.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-16.SP12_redhat_4.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"product_id": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-sun-istack-commons@3.0.7-2.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.7-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.8.0-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.1-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.2.4-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-asyncclient@4.1.4-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"product_id": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.8-1.redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_id": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.8-2.redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-byte-buddy@1.9.5-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.8-2.redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_id": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.8-2.redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.13-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_id": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.8-2.redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.3.6-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src",
"product_id": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.2-1.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.8-1.redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.9-2.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.2-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.1-2.Final_redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"product_id": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-4.SP3_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.3-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.15-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"product": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"product_id": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-xjc-utils@3.2.3-2.redhat_00002.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.7-3.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.19-1.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.0-7.Final_redhat_00004.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"product_id": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.6.3-5.redhat_00020.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"product": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"product_id": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@2.6.3-15.redhat_00020.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@1.0.13-2.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.7-2.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"product_id": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.1-2.redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"product": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"product_id": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-security-negotiation@3.0.5-2.Final_redhat_00001.1.el7eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"product_id": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.1-6.GA_redhat_00004.1.el7eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"product_id": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@2.6.3-15.redhat_00020.el7eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@2.6.3-15.redhat_00020.el7eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src"
},
"product_reference": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64 as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"relates_to_product_reference": "7Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 7 Server",
"product_id": "7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
},
"product_reference": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src",
"relates_to_product_reference": "7Server-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14642",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1628702"
}
],
"notes": [
{
"category": "description",
"text": "An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14642"
},
{
"category": "external",
"summary": "RHBZ#1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14642",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642"
}
],
"release_date": "2018-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"acknowledgments": [
{
"names": [
"Daniel Le Gall"
],
"organization": "SCRT Information Security"
}
],
"cve": "CVE-2019-3805",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2018-11-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3805"
},
{
"category": "external",
"summary": "RHBZ#1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805"
}
],
"release_date": "2019-04-30T17:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users"
},
{
"acknowledgments": [
{
"names": [
"James Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3894",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2019-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1682108"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the ElytronManagedThread in Wildfly\u0027s Elytron subsystem stores a SecurityIdentity to run the thread with that security identity. As these threads do not necessarily terminate if the \u0027keep alive\u0027 time has not expired, this could allow a shared thread to use the wrong security identity when executing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3894"
},
{
"category": "external",
"summary": "RHBZ#1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3894",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894"
}
],
"release_date": "2019-04-30T17:11:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:12:09+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.src",
"7Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el7eap.x86_64",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk11-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-java-jdk8-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el7eap.src",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.noarch",
"7Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el7eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused"
}
]
}
rhsa-2019_4037
Vulnerability from csaf_redhat
Published
2019-12-02 16:24
Modified
2025-01-19 19:46
Summary
Red Hat Security Advisory: Red Hat Data Grid 7.3.2 security update
Notes
Topic
An update for Red Hat Data Grid is now available.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.
This release of Red Hat Data Grid 7.3.2 serves as a replacement for Red Hat Data Grid 7.3.1 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.
Security Fix(es):
* infinispan: Session fixation protection broken for Spring Session integration (CVE-2019-10158)
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for Red Hat Data Grid is now available.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project.\n\nThis release of Red Hat Data Grid 7.3.2 serves as a replacement for Red Hat Data Grid 7.3.1 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum.\n\nSecurity Fix(es):\n\n* infinispan: Session fixation protection broken for Spring Session integration (CVE-2019-10158)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:4037",
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=7.3\u0026downloadType=patches",
"url": "https://access.redhat.com/jbossnetwork/restricted/softwareDetail.html?softwareId=70381\u0026product=data.grid\u0026version=7.3\u0026downloadType=patches"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html-single/red_hat_data_grid_7.3_release_notes/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_data_grid/7.3/html-single/red_hat_data_grid_7.3_release_notes/index"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1714359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714359"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_4037.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Data Grid 7.3.2 security update",
"tracking": {
"current_release_date": "2025-01-19T19:46:33+00:00",
"generator": {
"date": "2025-01-19T19:46:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:4037",
"initial_release_date": "2019-12-02T16:24:17+00:00",
"revision_history": [
{
"date": "2019-12-02T16:24:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-12-02T16:24:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:46:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Data Grid",
"product": {
"name": "Red Hat Data Grid",
"product_id": "Red Hat Data Grid",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_data_grid:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Data Grid"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat Data Grid"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-10158",
"cwe": {
"id": "CWE-384",
"name": "Session Fixation"
},
"discovery_date": "2019-05-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1714359"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Infinispan through version 9.4.14.Final. An improper implementation of the session fixation protection in the Spring Session integration can result in incorrect session handling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "infinispan: Session fixation protection broken for Spring Session integration",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Data Grid"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10158"
},
{
"category": "external",
"summary": "RHBZ#1714359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1714359"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10158",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10158"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10158",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10158"
}
],
"release_date": "2019-05-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-12-02T16:24:17+00:00",
"details": "To install this update, do the following:\n\n1. Download the Data Grid 7.3.2 server patch from the customer portal.\n2. Back up your existing Data Grid installation. You should back up databases, configuration files, and so on.\n3. Install the Data Grid 7.3.2 server patch. Refer to the 7.3 Release Notes for patching instructions.\n4. Restart Data Grid to ensure the changes take effect.",
"product_ids": [
"Red Hat Data Grid"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Data Grid"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "infinispan: Session fixation protection broken for Spring Session integration"
}
]
}
rhsa-2020_2564
Vulnerability from csaf_redhat
Published
2020-06-15 16:18
Modified
2024-11-15 00:49
Summary
Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 16 security update
Notes
Topic
This is a security update for JBoss EAP Continuous Delivery 16.0.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform CD16 is a platform for Java applications based on the WildFly application runtime.
This release of Red Hat JBoss Enterprise Application Platform CD16 includes bug fixes and enhancements.
Security Fix(es):
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is a security update for JBoss EAP Continuous Delivery 16.0.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform CD16 is a platform for Java applications based on the WildFly application runtime.\n\nThis release of Red Hat JBoss Enterprise Application Platform CD16 includes bug fixes and enhancements. \n\nSecurity Fix(es):\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:2564",
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_2564.json"
}
],
"title": "Red Hat Security Advisory: EAP Continuous Delivery Technical Preview Release 16 security update",
"tracking": {
"current_release_date": "2024-11-15T00:49:20+00:00",
"generator": {
"date": "2024-11-15T00:49:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2020:2564",
"initial_release_date": "2020-06-15T16:18:11+00:00",
"revision_history": [
{
"date": "2020-06-15T16:18:11+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-06-15T16:18:11+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T00:49:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss Enterprise Application Platform Continuous Delivery",
"product": {
"name": "Red Hat JBoss Enterprise Application Platform Continuous Delivery",
"product_id": "Red Hat JBoss Enterprise Application Platform Continuous Delivery",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform_cd:16"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:18:11+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:18:11+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:18:11+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:18:11+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:18:11+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:18:11+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-06-15T16:18:11+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nYou must restart the JBoss server process for the update to take effect.\n\nThe References section of this erratum contains a download link (you must log in to download the update)",
"product_ids": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:2564"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss Enterprise Application Platform Continuous Delivery"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
}
]
}
rhsa-2019_1106
Vulnerability from csaf_redhat
Published
2019-05-08 12:04
Modified
2025-01-19 19:45
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)
* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. \n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)\n\n* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1106",
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?product=appplatform\u0026downloadType=securityPatches\u0026version=7.2"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "external",
"summary": "JBEAP-14861",
"url": "https://issues.redhat.com/browse/JBEAP-14861"
},
{
"category": "external",
"summary": "JBEAP-15392",
"url": "https://issues.redhat.com/browse/JBEAP-15392"
},
{
"category": "external",
"summary": "JBEAP-15477",
"url": "https://issues.redhat.com/browse/JBEAP-15477"
},
{
"category": "external",
"summary": "JBEAP-15478",
"url": "https://issues.redhat.com/browse/JBEAP-15478"
},
{
"category": "external",
"summary": "JBEAP-15568",
"url": "https://issues.redhat.com/browse/JBEAP-15568"
},
{
"category": "external",
"summary": "JBEAP-15617",
"url": "https://issues.redhat.com/browse/JBEAP-15617"
},
{
"category": "external",
"summary": "JBEAP-15622",
"url": "https://issues.redhat.com/browse/JBEAP-15622"
},
{
"category": "external",
"summary": "JBEAP-15748",
"url": "https://issues.redhat.com/browse/JBEAP-15748"
},
{
"category": "external",
"summary": "JBEAP-15805",
"url": "https://issues.redhat.com/browse/JBEAP-15805"
},
{
"category": "external",
"summary": "JBEAP-15851",
"url": "https://issues.redhat.com/browse/JBEAP-15851"
},
{
"category": "external",
"summary": "JBEAP-15869",
"url": "https://issues.redhat.com/browse/JBEAP-15869"
},
{
"category": "external",
"summary": "JBEAP-15876",
"url": "https://issues.redhat.com/browse/JBEAP-15876"
},
{
"category": "external",
"summary": "JBEAP-16025",
"url": "https://issues.redhat.com/browse/JBEAP-16025"
},
{
"category": "external",
"summary": "JBEAP-16037",
"url": "https://issues.redhat.com/browse/JBEAP-16037"
},
{
"category": "external",
"summary": "JBEAP-16086",
"url": "https://issues.redhat.com/browse/JBEAP-16086"
},
{
"category": "external",
"summary": "JBEAP-16090",
"url": "https://issues.redhat.com/browse/JBEAP-16090"
},
{
"category": "external",
"summary": "JBEAP-16091",
"url": "https://issues.redhat.com/browse/JBEAP-16091"
},
{
"category": "external",
"summary": "JBEAP-16122",
"url": "https://issues.redhat.com/browse/JBEAP-16122"
},
{
"category": "external",
"summary": "JBEAP-16123",
"url": "https://issues.redhat.com/browse/JBEAP-16123"
},
{
"category": "external",
"summary": "JBEAP-16125",
"url": "https://issues.redhat.com/browse/JBEAP-16125"
},
{
"category": "external",
"summary": "JBEAP-16137",
"url": "https://issues.redhat.com/browse/JBEAP-16137"
},
{
"category": "external",
"summary": "JBEAP-16146",
"url": "https://issues.redhat.com/browse/JBEAP-16146"
},
{
"category": "external",
"summary": "JBEAP-16147",
"url": "https://issues.redhat.com/browse/JBEAP-16147"
},
{
"category": "external",
"summary": "JBEAP-16259",
"url": "https://issues.redhat.com/browse/JBEAP-16259"
},
{
"category": "external",
"summary": "JBEAP-16276",
"url": "https://issues.redhat.com/browse/JBEAP-16276"
},
{
"category": "external",
"summary": "JBEAP-16321",
"url": "https://issues.redhat.com/browse/JBEAP-16321"
},
{
"category": "external",
"summary": "JBEAP-16347",
"url": "https://issues.redhat.com/browse/JBEAP-16347"
},
{
"category": "external",
"summary": "JBEAP-16356",
"url": "https://issues.redhat.com/browse/JBEAP-16356"
},
{
"category": "external",
"summary": "JBEAP-16367",
"url": "https://issues.redhat.com/browse/JBEAP-16367"
},
{
"category": "external",
"summary": "JBEAP-16368",
"url": "https://issues.redhat.com/browse/JBEAP-16368"
},
{
"category": "external",
"summary": "JBEAP-16369",
"url": "https://issues.redhat.com/browse/JBEAP-16369"
},
{
"category": "external",
"summary": "JBEAP-16381",
"url": "https://issues.redhat.com/browse/JBEAP-16381"
},
{
"category": "external",
"summary": "JBEAP-16418",
"url": "https://issues.redhat.com/browse/JBEAP-16418"
},
{
"category": "external",
"summary": "JBEAP-9657",
"url": "https://issues.redhat.com/browse/JBEAP-9657"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1106.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 security update",
"tracking": {
"current_release_date": "2025-01-19T19:45:02+00:00",
"generator": {
"date": "2025-01-19T19:45:02+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:1106",
"initial_release_date": "2019-05-08T12:04:04+00:00",
"revision_history": [
{
"date": "2019-05-08T12:04:04+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-05-08T12:04:04+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:45:02+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2",
"product": {
"name": "Red Hat JBoss EAP 7.2",
"product_id": "Red Hat JBoss EAP 7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14642",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1628702"
}
],
"notes": [
{
"category": "description",
"text": "An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14642"
},
{
"category": "external",
"summary": "RHBZ#1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14642",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642"
}
],
"release_date": "2018-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss EAP 7.2"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"acknowledgments": [
{
"names": [
"Daniel Le Gall"
],
"organization": "SCRT Information Security"
}
],
"cve": "CVE-2019-3805",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2018-11-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3805"
},
{
"category": "external",
"summary": "RHBZ#1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805"
}
],
"release_date": "2019-04-30T17:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users"
},
{
"acknowledgments": [
{
"names": [
"James Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3894",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2019-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1682108"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the ElytronManagedThread in Wildfly\u0027s Elytron subsystem stores a SecurityIdentity to run the thread with that security identity. As these threads do not necessarily terminate if the \u0027keep alive\u0027 time has not expired, this could allow a shared thread to use the wrong security identity when executing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss EAP 7.2"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3894"
},
{
"category": "external",
"summary": "RHBZ#1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3894",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894"
}
],
"release_date": "2019-04-30T17:11:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:04:04+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nThe References section of this erratum contains a download link (you must log in to download the update).\n\nThe JBoss server process must be restarted for the update to take effect.",
"product_ids": [
"Red Hat JBoss EAP 7.2"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss EAP 7.2"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused"
}
]
}
rhsa-2019_3149
Vulnerability from csaf_redhat
Published
2019-10-18 19:52
Modified
2025-01-19 19:46
Summary
Red Hat Security Advisory: OpenShift Container Platform logging-elasticsearch5-container security update
Notes
Topic
An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 3.11.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains an update for jackson-databind in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 3.11.153.
Security Fix(es):
* jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)
* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)
* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. (CVE-2019-12086)
* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 3.11.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains an update for jackson-databind in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 3.11.153.\n\nSecurity Fix(es):\n\n* jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\n* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. (CVE-2019-12086)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3149",
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1538332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1573391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573391"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1713468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468"
},
{
"category": "external",
"summary": "1725795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795"
},
{
"category": "external",
"summary": "1725807",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807"
},
{
"category": "external",
"summary": "1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3149.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform logging-elasticsearch5-container security update",
"tracking": {
"current_release_date": "2025-01-19T19:46:20+00:00",
"generator": {
"date": "2025-01-19T19:46:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:3149",
"initial_release_date": "2019-10-18T19:52:06+00:00",
"revision_history": [
{
"date": "2019-10-18T19:52:06+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-10-18T19:52:06+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:46:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 3.11",
"product": {
"name": "Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.11::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64",
"product": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64",
"product_id": "openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d?arch=amd64\u0026repository_url=registry.redhat.io/openshift3/ose-logging-elasticsearch5\u0026tag=v3.11.153-2"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"product": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"product_id": "openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift3/ose-logging-elasticsearch5\u0026tag=v3.11.153-2"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le"
},
"product_reference": "openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64 as a component of Red Hat OpenShift Container Platform 3.11",
"product_id": "7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
},
"product_reference": "openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.11"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-5968",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1538332"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "JBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advice about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nThis issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellitw 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nRed Hat Subscription Asset Manager version 1 is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having Important security impact and is not currently planned to be addressed in future updates.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5968"
},
{
"category": "external",
"summary": "RHBZ#1538332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968"
}
],
"release_date": "2018-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"cve": "CVE-2018-10237",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1573391"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Openshift Application Runtimes: Eclipse Vert.x is not exploitable by this flaw, though the vulnerable code is a transient dependency to the product. This issue may be addressed in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10237"
},
{
"category": "external",
"summary": "RHBZ#1573391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
},
{
"category": "external",
"summary": "https://github.com/google/guava/wiki/CVE-2018-10237",
"url": "https://github.com/google/guava/wiki/CVE-2018-10237"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion",
"url": "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion"
}
],
"release_date": "2018-04-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service"
},
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-12086",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1713468"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-12086"
},
{
"category": "external",
"summary": "RHBZ#1713468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086"
}
],
"release_date": "2019-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server."
},
{
"cve": "CVE-2019-12384",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1725807"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-12384"
},
{
"category": "external",
"summary": "RHBZ#1725807",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384"
}
],
"release_date": "2019-06-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution"
},
{
"cve": "CVE-2019-12814",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1725795"
}
],
"notes": [
{
"category": "description",
"text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-12814"
},
{
"category": "external",
"summary": "RHBZ#1725795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814"
}
],
"release_date": "2019-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message."
},
{
"cve": "CVE-2019-14379",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737517"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: default typing mishandling leading to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14379"
},
{
"category": "external",
"summary": "RHBZ#1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379"
}
],
"release_date": "2019-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-10-18T19:52:06+00:00",
"details": "See the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/3.11/release_notes/ocp_3_11_release_notes.html",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:2c0cd0ca2711f326d906be032a93883d485088478e36c06f01fdf7328e4fa57d_ppc64le",
"7Server-RH7-RHOSE-3.11:openshift3/ose-logging-elasticsearch5@sha256:7b93cae88b28f76b9d61feb298447b958aade685ade34767c856b2fdf7229b7d_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: default typing mishandling leading to remote code execution"
}
]
}
rhsa-2019_1140
Vulnerability from csaf_redhat
Published
2019-05-09 18:14
Modified
2025-01-19 19:45
Summary
Red Hat Security Advisory: Red Hat Single Sign-On 7.3.1 security update
Notes
Topic
A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[2021-07-07 UPDATE: The advisory was originally published with incomplete informational links and has been republished to update those links. NO CODE HAS CHANGED WITH THIS UPDATE, AND NO ACTION IS REQUIRED.]
Details
Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.
This release of Red Hat Single Sign-On 7.3.1 serves as a replacement for Red Hat Single Sign-On 7.3.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* keycloak: session hijack using the user access token (CVE-2019-3868)
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)
* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A security update is now available for Red Hat Single Sign-On 7.3 from the Customer Portal.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[2021-07-07 UPDATE: The advisory was originally published with incomplete informational links and has been republished to update those links. NO CODE HAS CHANGED WITH THIS UPDATE, AND NO ACTION IS REQUIRED.]",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Single Sign-On 7.3 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications.\n\nThis release of Red Hat Single Sign-On 7.3.1 serves as a replacement for Red Hat Single Sign-On 7.3.0, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* keycloak: session hijack using the user access token (CVE-2019-3868)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)\n\n* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1140",
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=core.service.rhsso\u0026version=7.3",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=securityPatches\u0026product=core.service.rhsso\u0026version=7.3"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_single_sign-on/7.3/"
},
{
"category": "external",
"summary": "1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1679144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679144"
},
{
"category": "external",
"summary": "1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1140.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Single Sign-On 7.3.1 security update",
"tracking": {
"current_release_date": "2025-01-19T19:45:14+00:00",
"generator": {
"date": "2025-01-19T19:45:14+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:1140",
"initial_release_date": "2019-05-09T18:14:42+00:00",
"revision_history": [
{
"date": "2019-05-09T18:14:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-07-07T21:10:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:45:14+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Single Sign-On 7.3.1 zip",
"product": {
"name": "Red Hat Single Sign-On 7.3.1 zip",
"product_id": "Red Hat Single Sign-On 7.3.1 zip",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_single_sign_on:7.3"
}
}
}
],
"category": "product_family",
"name": "Red Hat Single Sign-On"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14642",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1628702"
}
],
"notes": [
{
"category": "description",
"text": "An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14642"
},
{
"category": "external",
"summary": "RHBZ#1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14642",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642"
}
],
"release_date": "2018-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"acknowledgments": [
{
"names": [
"Daniel Le Gall"
],
"organization": "SCRT Information Security"
}
],
"cve": "CVE-2019-3805",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2018-11-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3805"
},
{
"category": "external",
"summary": "RHBZ#1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805"
}
],
"release_date": "2019-04-30T17:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users"
},
{
"acknowledgments": [
{
"names": [
"Caranzo Gideon",
"Muzamil Muein",
"Siddiqui Najam"
],
"organization": "Gemalto E\u0026C"
}
],
"cve": "CVE-2019-3868",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-02-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1679144"
}
],
"notes": [
{
"category": "description",
"text": "Keycloak up to version 6.0.0 allows the end user token (access or id token JWT) to be used as the session cookie for browser sessions for OIDC. As a result an attacker with access to service provider backend could hijack user\u2019s browser session.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "keycloak: session hijack using the user access token",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3868"
},
{
"category": "external",
"summary": "RHBZ#1679144",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1679144"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3868",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3868"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3868",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3868"
}
],
"release_date": "2019-04-23T16:59:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "keycloak: session hijack using the user access token"
},
{
"acknowledgments": [
{
"names": [
"James Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3894",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2019-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1682108"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the ElytronManagedThread in Wildfly\u0027s Elytron subsystem stores a SecurityIdentity to run the thread with that security identity. As these threads do not necessarily terminate if the \u0027keep alive\u0027 time has not expired, this could allow a shared thread to use the wrong security identity when executing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Single Sign-On 7.3.1 zip"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3894"
},
{
"category": "external",
"summary": "RHBZ#1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3894",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894"
}
],
"release_date": "2019-04-30T17:11:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-09T18:14:42+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat Single Sign-On 7.3.1 zip"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Single Sign-On 7.3.1 zip"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused"
}
]
}
rhsa-2019_1823
Vulnerability from csaf_redhat
Published
2019-07-22 14:53
Modified
2025-01-19 19:45
Summary
Red Hat Security Advisory: Red Hat Process Automation Manager 7.4.0 Security Update
Notes
Topic
An update is now available for Red Hat Process Automation Manager.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.
This release of Red Hat Process Automation Manager 7.4.0 serves as an update to Red Hat Process Automation Manager 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* xstream: remote code execution due to insecure XML deserialization (CVE-2019-10173, regression of CVE-2013-7285)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Process Automation Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services.\n\nThis release of Red Hat Process Automation Manager 7.4.0 serves as an update to Red Hat Process Automation Manager 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* xstream: remote code execution due to insecure XML deserialization (CVE-2019-10173, regression of CVE-2013-7285)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1823",
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.4.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhpam\u0026version=7.4.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.4/html/release_notes_for_red_hat_process_automation_manager_7.4/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_process_automation_manager/7.4/html/release_notes_for_red_hat_process_automation_manager_7.4/index"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1722971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1823.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Process Automation Manager 7.4.0 Security Update",
"tracking": {
"current_release_date": "2025-01-19T19:45:33+00:00",
"generator": {
"date": "2025-01-19T19:45:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:1823",
"initial_release_date": "2019-07-22T14:53:17+00:00",
"revision_history": [
{
"date": "2019-07-22T14:53:17+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-07-22T14:53:17+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:45:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss BPMS 7.4",
"product": {
"name": "Red Hat JBoss BPMS 7.4",
"product_id": "Red Hat JBoss BPMS 7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_bpms:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Process Automation Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-10173",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2019-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1722971"
}
],
"notes": [
{
"category": "description",
"text": "It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This a regression of CVE-2013-7285 fixed in 1.4.7 (fixed) as of BPMS 6.0.1, the regression was introduced with xstream-1.4.10 implemented in RHPAM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BPMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10173"
},
{
"category": "external",
"summary": "RHBZ#1722971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10173",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10173"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173"
},
{
"category": "external",
"summary": "http://x-stream.github.io/changes.html#1.4.11",
"url": "http://x-stream.github.io/changes.html#1.4.11"
}
],
"release_date": "2018-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:17+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BPMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BPMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)"
}
]
}
rhsa-2019_1822
Vulnerability from csaf_redhat
Published
2019-07-22 14:53
Modified
2025-01-19 19:45
Summary
Red Hat Security Advisory: Red Hat Decision Manager 7.4.0 Security Update
Notes
Topic
An update is now available for Red Hat Decision Manager.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model & Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business.
This release of Red Hat Decision Manager 7.4.0 serves as an update to Red Hat Decision Manager 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* xstream: remote code execution due to insecure XML deserialization (CVE-2019-10173, regression of CVE-2013-7285)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat Decision Manager.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Decision Manager is an open source decision management platform that combines business rules management, complex event processing, Decision Model \u0026 Notation (DMN) execution, and Business Optimizer for solving planning problems. It automates business decisions and makes that logic available to the entire business. \n\nThis release of Red Hat Decision Manager 7.4.0 serves as an update to Red Hat Decision Manager 7.3.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* xstream: remote code execution due to insecure XML deserialization (CVE-2019-10173, regression of CVE-2013-7285)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1822",
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.4.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=rhdm\u0026version=7.4.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.4/html/release_notes_for_red_hat_decision_manager_7.4/index",
"url": "https://access.redhat.com/documentation/en-us/red_hat_decision_manager/7.4/html/release_notes_for_red_hat_decision_manager_7.4/index"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1722971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1822.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Decision Manager 7.4.0 Security Update",
"tracking": {
"current_release_date": "2025-01-19T19:45:40+00:00",
"generator": {
"date": "2025-01-19T19:45:40+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:1822",
"initial_release_date": "2019-07-22T14:53:31+00:00",
"revision_history": [
{
"date": "2019-07-22T14:53:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-07-22T14:53:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:45:40+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss BRMS 7.4",
"product": {
"name": "Red Hat JBoss BRMS 7.4",
"product_id": "Red Hat JBoss BRMS 7.4",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_brms_platform:7.4"
}
}
}
],
"category": "product_family",
"name": "Red Hat Decision Manager"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-10173",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2019-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1722971"
}
],
"notes": [
{
"category": "description",
"text": "It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This a regression of CVE-2013-7285 fixed in 1.4.7 (fixed) as of BPMS 6.0.1, the regression was introduced with xstream-1.4.10 implemented in RHPAM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat JBoss BRMS 7.4"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10173"
},
{
"category": "external",
"summary": "RHBZ#1722971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10173",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10173"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173"
},
{
"category": "external",
"summary": "http://x-stream.github.io/changes.html#1.4.11",
"url": "http://x-stream.github.io/changes.html#1.4.11"
}
],
"release_date": "2018-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-07-22T14:53:31+00:00",
"details": "For on-premise installations, before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nIt is recommended to halt the server by stopping the JBoss Application Server process before installing this update; after installing the update, restart the server by starting the JBoss Application Server process.\n\nThe References section of this erratum contains a download link (you must log in to download the update).",
"product_ids": [
"Red Hat JBoss BRMS 7.4"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat JBoss BRMS 7.4"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)"
}
]
}
rhsa-2019_2858
Vulnerability from csaf_redhat
Published
2019-09-27 00:13
Modified
2025-01-19 19:45
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.1.18 logging-elasticsearch5 security update
Notes
Topic
An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 4.1.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing
Kubernetes application platform solution designed for on-premise or private
cloud deployments.
This advisory contains an update for both jackson-databind and guava in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 4.1.18.
Security Fix(es):
* jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)
* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)
* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)
* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)
* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. (CVE-2019-12086)
* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for logging-elasticsearch5-container is now available for Red Hat OpenShift Container Platform 4.1.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains an update for both jackson-databind and guava in the logging-elasticsearch5 container image for Red Hat OpenShift Container Platform 4.1.18.\n\nSecurity Fix(es):\n\n* jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper (CVE-2017-7525)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution (CVE-2019-12384)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485) (CVE-2018-5968)\n\n* jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries (CVE-2018-7489)\n\n* guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service (CVE-2018-10237)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server. (CVE-2019-12086)\n\n* jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message. (CVE-2019-12814)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:2858",
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1538332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332"
},
{
"category": "external",
"summary": "1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "1573391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573391"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1713468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468"
},
{
"category": "external",
"summary": "1725795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795"
},
{
"category": "external",
"summary": "1725807",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807"
},
{
"category": "external",
"summary": "1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_2858.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.1.18 logging-elasticsearch5 security update",
"tracking": {
"current_release_date": "2025-01-19T19:45:57+00:00",
"generator": {
"date": "2025-01-19T19:45:57+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:2858",
"initial_release_date": "2019-09-27T00:13:23+00:00",
"revision_history": [
{
"date": "2019-09-27T00:13:23+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-09-27T00:13:23+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:45:57+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.1",
"product": {
"name": "Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64",
"product": {
"name": "openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64",
"product_id": "openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch5\u0026tag=v4.1.18-201909201915"
}
}
}
],
"category": "architecture",
"name": "amd64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64 as a component of Red Hat OpenShift Container Platform 4.1",
"product_id": "7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
},
"product_reference": "openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-7525",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-06-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1462702"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nAlthough JBoss Fuse ships the vulnerable version of jackson-databind, it does not call on enableDefaultTyping() for any polymorphic deserialization operations which is the root cause of this vulnerability. We have raised a Jira tracker to ensure that jackson-databind will be upgraded for Fuse 7.0, however due to feasibility issues jackson-databind cannot be upgraded in JBoss Fuse 6.3.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-7525"
},
{
"category": "external",
"summary": "RHBZ#1462702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1462702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-7525",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7525"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-7525"
}
],
"release_date": "2017-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Deserialization vulnerability via readValue method of ObjectMapper"
},
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-5968",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2018-01-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1538332"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind that could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaws CVE-2017-7525 and CVE-2017-17485 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "JBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advice about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231\n\nThis issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellitw 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nRed Hat Subscription Asset Manager version 1 is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having Important security impact and is not currently planned to be addressed in future updates.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-5968"
},
{
"category": "external",
"summary": "RHBZ#1538332",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1538332"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-5968",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-5968"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-5968"
}
],
"release_date": "2018-01-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: unsafe deserialization due to incomplete blacklist (incomplete fix for CVE-2017-7525 and CVE-2017-17485)"
},
{
"cve": "CVE-2018-7489",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-02-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1549276"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Subscription Asset Manager is now in a reduced support phase receiving only Critical impact security fixes. This issue has been rated as having a security impact of Moderate, and is not currently planned to be addressed in future updates.\n\nSatellite 6.2 does not support c3p0 classes. Since the latter are required for this flaw, therefore Satellite 6.2 is not affected. Satellite 6.3 and 6.4 are not affected because Candlepin does not use polymorphic deserialization.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-7489"
},
{
"category": "external",
"summary": "RHBZ#1549276",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1549276"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-7489",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-7489"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-7489"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2018-02-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "Advice on how to remain safe while using JAX-RS webservices on JBoss EAP 7.x is available here:\n\nhttps://access.redhat.com/solutions/3279231\nhttps://github.com/FasterXML/jackson-docs/wiki/JacksonPolymorphicDeserialization\n\nGeneral Mitigation: \nTry to avoid \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries"
},
{
"cve": "CVE-2018-10237",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"discovery_date": "2018-05-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1573391"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was found in Guava where the AtomicDoubleArray and CompoundOrdering classes were found to allocate memory based on size fields sent by the client without validation. A crafted message could cause the server to consume all available memory or crash leading to a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Openshift Application Runtimes: Eclipse Vert.x is not exploitable by this flaw, though the vulnerable code is a transient dependency to the product. This issue may be addressed in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-10237"
},
{
"category": "external",
"summary": "RHBZ#1573391",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1573391"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-10237",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-10237"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-10237"
},
{
"category": "external",
"summary": "https://github.com/google/guava/wiki/CVE-2018-10237",
"url": "https://github.com/google/guava/wiki/CVE-2018-10237"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion",
"url": "https://groups.google.com/forum/#!topic/guava-announce/xqWALw4W1vs/discussion"
}
],
"release_date": "2018-04-25T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "guava: Unbounded memory allocation in AtomicDoubleArray and CompoundOrdering classes allow remote attackers to cause a denial of service"
},
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-12086",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-05-18T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1713468"
}
],
"notes": [
{
"category": "description",
"text": "A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-12086"
},
{
"category": "external",
"summary": "RHBZ#1713468",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1713468"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-12086",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12086"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12086"
}
],
"release_date": "2019-05-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server."
},
{
"cve": "CVE-2019-12384",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-06-25T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1725807"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind in versions prior to 2.9.9. The vulnerability would permit polymorphic deserialization of malicious objects using the logback-core gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. Depending on the classpath content, remote code execution may be possible.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat OpenStack\u0027s OpenDaylight does not use logback in any supported configuration. Therefore, the prerequisites for this vulnerability are not present and OpenDaylight is not affected.\n\nThis vulnerability relies on logback-core (ch.qos.logback.core) being present in the application\u0027s ClassPath. Logback-core is not packaged as an RPM for Red Hat Enterprise Linux or Red Hat Software Collections. Applications using jackson-databind that do not also use logback-core are not impacted by this vulnerability.\n\nThis issue affects the versions of jackson-databind bundled with candlepin as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-12384"
},
{
"category": "external",
"summary": "RHBZ#1725807",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725807"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-12384",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12384"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12384"
}
],
"release_date": "2019-06-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: failure to block the logback-core class from polymorphic deserialization leading to remote code execution"
},
{
"cve": "CVE-2019-12814",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2019-06-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1725795"
}
],
"notes": [
{
"category": "description",
"text": "A new polymorphic typing flaw was discovered in FasterXML jackson-databind, versions 2.x through 2.9.9. With default typing enabled, an attacker can send a specifically crafted JSON message to the server that allows them to read arbitrary local files.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message.",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* Red Hat Satellite 6 does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability. \n* Red Hat OpenStack\u0027s OpenDaylight does not include the jdom or jdom2 packages, thus it is not affected by this vulnerability.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-12814"
},
{
"category": "external",
"summary": "RHBZ#1725795",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1725795"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-12814",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-12814"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-12814"
}
],
"release_date": "2019-06-04T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "This vulnerability relies on jdom (org.jdom) or jdom2 (org.jdom2) being present in the application\u0027s ClassPath. Applications using jackson-databind that do not also use jdom or jdom2 are not impacted by this vulnerability.",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: polymorphic typing issue allows attacker to read arbitrary local files on the server via crafted JSON message."
},
{
"cve": "CVE-2019-14379",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-07-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737517"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: default typing mishandling leading to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14379"
},
{
"category": "external",
"summary": "RHBZ#1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379"
}
],
"release_date": "2019-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-09-27T00:13:23+00:00",
"details": "For OpenShift Container Platform 4.1 see the following documentation, which\nwill be updated shortly for release 4.1.18, for important instructions on\nhow to upgrade your cluster and fully apply this asynchronous errata\nupdate:\n\nhttps://docs.openshift.com/container-platform/4.1/release_notes/ocp-4-1-release-notes.html",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-RH7-RHOSE-4.1:openshift4/ose-logging-elasticsearch5@sha256:797e81b7dd36ecd46ffa45466ab8013b1e6a5e2f477e89295e54b154b7aff59b_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: default typing mishandling leading to remote code execution"
}
]
}
rhsa-2019_3892
Vulnerability from csaf_redhat
Published
2019-11-14 21:17
Modified
2025-01-19 19:46
Summary
Red Hat Security Advisory: Red Hat Fuse 7.5.0 security update
Notes
Topic
A minor version update (from 7.4 to 7.5) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
[2020-04-17 update: descriptions for mutiple components fixed for the same CVE added]
Details
This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.
Security Fix(es):
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)
* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)
* infinispan: deserialization of data in XML and JSON transcoders (CVE-2018-1131)
* hadoop: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-8009)
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* retrofit: Directory traversal in RequestBuilder allows manipulation of resources (CVE-2018-1000850)
* zookeeper: Information disclosure in Apache ZooKeeper (CVE-2019-0201)
* mesos: docker image code execution (CVE-2019-0204)
* netty: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)
* grpc: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)
* netty: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)
* grpc: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)
* netty: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)
* grpc: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)
* netty: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)
* xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285) (CVE-2019-10173)
* syndesis: default CORS configuration is allow all (CVE-2019-14860)
* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)
* activemq: ActiveMQ Client Missing TLS Hostname Verification (CVE-2018-11775)
* tika: Incomplete fix allows for XML entity expansion resulting in denial of service (CVE-2018-11796)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "A minor version update (from 7.4 to 7.5) is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.\n\n[2020-04-17 update: descriptions for mutiple components fixed for the same CVE added]",
"title": "Topic"
},
{
"category": "general",
"text": "This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References.\n\nSecurity Fix(es):\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525) (CVE-2017-15095)\n\n* jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095) (CVE-2017-17485)\n\n* infinispan: deserialization of data in XML and JSON transcoders (CVE-2018-1131)\n\n* hadoop: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file (CVE-2018-8009)\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* retrofit: Directory traversal in RequestBuilder allows manipulation of resources (CVE-2018-1000850)\n\n* zookeeper: Information disclosure in Apache ZooKeeper (CVE-2019-0201)\n\n* mesos: docker image code execution (CVE-2019-0204)\n\n* netty: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* grpc: HTTP/2: flood using PING frames results in unbounded memory growth (CVE-2019-9512)\n\n* netty: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* grpc: HTTP/2: flood using HEADERS frames results in unbounded memory growth (CVE-2019-9514)\n\n* netty: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* grpc: HTTP/2: flood using SETTINGS frames results in unbounded memory growth (CVE-2019-9515)\n\n* netty: HTTP/2: flood using empty frames results in excessive resource consumption (CVE-2019-9518)\n\n* xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285) (CVE-2019-10173)\n\n* syndesis: default CORS configuration is allow all (CVE-2019-14860)\n\n* netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers (CVE-2019-16869)\n\n* activemq: ActiveMQ Client Missing TLS Hostname Verification (CVE-2018-11775)\n\n* tika: Incomplete fix allows for XML entity expansion resulting in denial of service (CVE-2018-11796)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* tomcat: Host name verification missing in WebSocket client (CVE-2018-8034)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:3892",
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.5.0",
"url": "https://access.redhat.com/jbossnetwork/restricted/listSoftware.html?downloadType=distributions\u0026product=jboss.fuse\u0026version=7.5.0"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/"
},
{
"category": "external",
"summary": "1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "1576492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576492"
},
{
"category": "external",
"summary": "1593018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593018"
},
{
"category": "external",
"summary": "1607580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607580"
},
{
"category": "external",
"summary": "1629083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1629083"
},
{
"category": "external",
"summary": "1639090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639090"
},
{
"category": "external",
"summary": "1663904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663904"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1692755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692755"
},
{
"category": "external",
"summary": "1715197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715197"
},
{
"category": "external",
"summary": "1722971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971"
},
{
"category": "external",
"summary": "1735645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645"
},
{
"category": "external",
"summary": "1735744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744"
},
{
"category": "external",
"summary": "1735745",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745"
},
{
"category": "external",
"summary": "1735749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749"
},
{
"category": "external",
"summary": "1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "1761912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1761912"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_3892.json"
}
],
"title": "Red Hat Security Advisory: Red Hat Fuse 7.5.0 security update",
"tracking": {
"current_release_date": "2025-01-19T19:46:26+00:00",
"generator": {
"date": "2025-01-19T19:46:26+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:3892",
"initial_release_date": "2019-11-14T21:17:38+00:00",
"revision_history": [
{
"date": "2019-11-14T21:17:38+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-04-20T07:18:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:46:26+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Fuse 7.5.0",
"product": {
"name": "Red Hat Fuse 7.5.0",
"product_id": "Red Hat Fuse 7.5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_fuse:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Fuse"
}
],
"category": "vendor",
"name": "Red Hat"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Liao Xinxi"
],
"organization": "NSFOCUS"
}
],
"cve": "CVE-2017-15095",
"cwe": {
"id": "CWE-184",
"name": "Incomplete List of Disallowed Inputs"
},
"discovery_date": "2017-10-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1506612"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of jackson-databind (in Satellite 6.0 and 6.1) and candlepin (which embeds a copy of jackson-databind in Satellite 6.2) as shipped with Red Hat Satellite 6.x. However the affected code is NOT used at this time:\n\nCandlepin currently uses the default type resolution configuration for the ObjectMappers it creates/uses. Nowhere in candlepin do we enable global polymorphic deserialization via enableDefaultTyping(...), therefore based on the documentation sited BZ 1462702 , candlepin should not be affected.\n\nHowever as the vulnerable software ships with the product we have marked them as vulnerable to ensure the issue is tracked.\n\nJBoss EAP 7.x only uses the vulnerable Jackson Databind library for marshalling and unmarshalling of JSON objects passed to JAX-RS webservices. Some advise about how to remain safe when using JAX-RS webservices on JBoss EAP 7.x is available here: \n\nhttps://access.redhat.com/solutions/3279231",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-15095"
},
{
"category": "external",
"summary": "RHBZ#1506612",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1506612"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-15095",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-15095"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-15095"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-11-02T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"category": "workaround",
"details": "Mitigation to this problem is to not trigger polymorphic desrialization globally by using: objectMapper.enableDefaultTyping() and rather use @JsonTypeInfo on the class property to explicitly define the type information. For more information on this issue please refer to https://www.github.com/mbechler/marshalsec/blob/master/marshalsec.pdf?raw=true",
"product_ids": [
"Red Hat Fuse 7.5.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-7525)"
},
{
"acknowledgments": [
{
"names": [
"0c0c0f from 360\u89c2\u661f\u5b9e\u9a8c\u5ba4"
]
}
],
"cve": "CVE-2017-17485",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-06T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1528565"
}
],
"notes": [
{
"category": "description",
"text": "A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of ObjectMapper. This issue extends upon the previous flaws CVE-2017-7525 and CVE-2017-15095 by blacklisting more classes that could be used maliciously.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2017-17485"
},
{
"category": "external",
"summary": "RHBZ#1528565",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1528565"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2017-17485",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-17485"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2017-17485"
},
{
"category": "external",
"summary": "https://access.redhat.com/solutions/3442891",
"url": "https://access.redhat.com/solutions/3442891"
}
],
"release_date": "2017-12-12T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Unsafe deserialization due to incomplete black list (incomplete fix for CVE-2017-15095)"
},
{
"cve": "CVE-2018-1131",
"cwe": {
"id": "CWE-349",
"name": "Acceptance of Extraneous Untrusted Data With Trusted Data"
},
"discovery_date": "2018-05-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1576492"
}
],
"notes": [
{
"category": "description",
"text": "Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code execution and possible further attacks. Versions 9.0.3.Final, 9.1.7.Final, 8.2.10.Final, 9.2.2.Final, 9.3.0.Alpha1 are believed to be affected.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "infinispan: deserialization of data in XML and JSON transcoders",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1131"
},
{
"category": "external",
"summary": "RHBZ#1576492",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1576492"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1131",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1131"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1131",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1131"
}
],
"release_date": "2018-05-14T14:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "infinispan: deserialization of data in XML and JSON transcoders"
},
{
"cve": "CVE-2018-8009",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-06-19T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1593018"
}
],
"notes": [
{
"category": "description",
"text": "Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "hadoop: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue did not affect the versions of rhs-hadoop as shipped with Red Hat Gluster Storage 3. For JBoss Fuse 6.3 and 7 standalone, while they ship vulnerable artifact via camel-hbase, camel-hdfs2 (fuse 6.3) and camel-hdfs2 (fuse 7), there\u0027s no invocation on the flawed code that could lead to an unzip operation. So fuse 6.3, 7 standalone are not affected. However FIS 2.0 and Fuse 7 on OpenShift ship vulnerable artifact via maven BOM, so setting fuse as affected for this reason.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8009"
},
{
"category": "external",
"summary": "RHBZ#1593018",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1593018"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8009",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8009"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8009",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8009"
}
],
"release_date": "2018-06-05T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "hadoop: arbitrary file write vulnerability / arbitrary code execution using a specially crafted zip file"
},
{
"cve": "CVE-2018-8034",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2018-07-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1607580"
}
],
"notes": [
{
"category": "description",
"text": "The host name verification when using TLS with the WebSocket client was missing. It is now enabled by default. Versions Affected: Apache Tomcat 9.0.0.M1 to 9.0.9, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, and 7.0.35 to 7.0.88.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tomcat: Host name verification missing in WebSocket client",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Tomcat 6, and Red Hat products shipping it, are not affected by this CVE. Tomcat 7, 8, and 9, as well as Red Hat Products shipping them, are affected. Affected products, including Red Hat JBoss Web Server 3 and 5, Enterprise Application Server 6, and Fuse 7, may provide fixes for this issue in a future release.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-8034"
},
{
"category": "external",
"summary": "RHBZ#1607580",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1607580"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-8034",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8034"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-8034",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-8034"
}
],
"release_date": "2018-07-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "tomcat: Host name verification missing in WebSocket client"
},
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-11775",
"discovery_date": "2018-09-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1629083"
}
],
"notes": [
{
"category": "description",
"text": "TLS hostname verification when using the Apache ActiveMQ Client before 5.15.6 was missing which could make the client vulnerable to a MITM attack between a Java application using the ActiveMQ client and the ActiveMQ server. This is now enabled by default.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "activemq: ActiveMQ Client Missing TLS Hostname Verification",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11775"
},
{
"category": "external",
"summary": "RHBZ#1629083",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1629083"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11775",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11775"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11775",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11775"
}
],
"release_date": "2018-09-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "activemq: ActiveMQ Client Missing TLS Hostname Verification"
},
{
"cve": "CVE-2018-11796",
"cwe": {
"id": "CWE-776",
"name": "Improper Restriction of Recursive Entity References in DTDs (\u0027XML Entity Expansion\u0027)"
},
"discovery_date": "2018-10-10T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1639090"
}
],
"notes": [
{
"category": "description",
"text": "In Apache Tika 1.19 (CVE-2018-11761), we added an entity expansion limit for XML parsing. However, Tika reuses SAXParsers and calls reset() after each parse, which, for Xerces2 parsers, as per the documentation, removes the user-specified SecurityManager and thus removes entity expansion limits after the first parse. Apache Tika versions from 0.1 to 1.19 are therefore still vulnerable to entity expansions which can lead to a denial of service attack. Users should upgrade to 1.19.1 or later.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "tika: Incomplete fix allows for XML entity expansion resulting in denial of service",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the versions of tika which is embedded in the nutch package as shipped with Red Hat Satellite 5. The tika server is not exposed, as such exploitation is difficult, Red Hat Product Security has rated this issue as having security impact of Low. A future update may address this issue. For additional information, refer to the Issue Severity Classification: https://access.redhat.com/security/updates/classification/.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11796"
},
{
"category": "external",
"summary": "RHBZ#1639090",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1639090"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11796",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11796"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11796",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11796"
},
{
"category": "external",
"summary": "https://lists.apache.org/thread.html/88de8350cda9b184888ec294c813c5bd8a2081de8fd3666f8904bc05@%3Cdev.tika.apache.org%3E",
"url": "https://lists.apache.org/thread.html/88de8350cda9b184888ec294c813c5bd8a2081de8fd3666f8904bc05@%3Cdev.tika.apache.org%3E"
}
],
"release_date": "2018-10-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "tika: Incomplete fix allows for XML entity expansion resulting in denial of service"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"Red Hat Fuse 7.5.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2018-1000850",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2018-12-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1663904"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Retrofit, where it allowed directory traversal via its RequestBuilder class. An attacker could use this flaw to access information or commands outside of its set permissions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "retrofit: Directory traversal in RequestBuilder allows manipulation of resources",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1000850"
},
{
"category": "external",
"summary": "RHBZ#1663904",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1663904"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1000850",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1000850"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000850",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1000850"
}
],
"release_date": "2018-10-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "retrofit: Directory traversal in RequestBuilder allows manipulation of resources"
},
{
"cve": "CVE-2019-0201",
"cwe": {
"id": "CWE-732",
"name": "Incorrect Permission Assignment for Critical Resource"
},
"discovery_date": "2019-05-20T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1715197"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Apache ZooKeeper. A lack of permission checks while retrieving ACLs allows unsalted hash values to be disclosed for unauthenticated or unprivileged users.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "zookeeper: Information disclosure in Apache ZooKeeper",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0201"
},
{
"category": "external",
"summary": "RHBZ#1715197",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1715197"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0201",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0201"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0201",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0201"
}
],
"release_date": "2019-05-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"category": "workaround",
"details": "Use an authentication method other than Digest (e.g. Kerberos) or upgrade to zookeeper 3.4.14 or later (3.5.5 or later if on the 3.5 branch). [https://zookeeper.apache.org/security.html#CVE-2019-0201]",
"product_ids": [
"Red Hat Fuse 7.5.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "zookeeper: Information disclosure in Apache ZooKeeper"
},
{
"cve": "CVE-2019-0204",
"cwe": {
"id": "CWE-250",
"name": "Execution with Unnecessary Privileges"
},
"discovery_date": "2019-03-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1692755"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Docker image running under root user, where it is possible to overwrite the init helper binary of the container runtime or the command executor in Apache Mesos. A malicious user could use this flaw to gain root-level code execution on the host.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "mesos: docker image code execution",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-0204"
},
{
"category": "external",
"summary": "RHBZ#1692755",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1692755"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-0204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0204"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-0204",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-0204"
}
],
"release_date": "2019-03-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "mesos: docker image code execution"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2019-9512",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1735645"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. Using PING frames and queuing of response PING ACK frames, a flood attack could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: flood using PING frames results in unbounded memory growth",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The golang package in Red Hat OpenStack Platform 9 Operational Tools will not be updated for this flaw because it is in technical preview and is retiring as of 24.Aug.2019.\nThis issue did not affect the versions of grafana(embeds golang) as shipped with Red Hat Ceph Storage 2 and Red Hat Gluster Storage 3 as they did not include the support for HTTP/2.\nThe following storage product versions are affected because they include the support for HTTP/2 in:\n* golang as shipped with Red Hat Gluster Storage 3, Red Hat Ceph Storage 2 and Red Hat Ceph Storage 3\n* heketi(embeds golang) as shipped with Red Hat Gluster Storage 3\n* grafana(embeds golang and grpc) as shipped with Red Hat Ceph Storage 3\nThis flaw has no available mitigation for packages golang and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.\n\nAll OpenShift Container Platform RPMs and container images that are built with Go and support HTTP/2 are vulnerable to this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9512"
},
{
"category": "external",
"summary": "RHBZ#1735645",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735645"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9512",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9512"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9512"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg",
"url": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html",
"url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html"
}
],
"release_date": "2019-08-13T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: flood using PING frames results in unbounded memory growth"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2019-9514",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1735744"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. Using HEADER frames with invalid HTTP headers and queuing of response RST_STREAM frames, an attacker could cause a flood resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: flood using HEADERS frames results in unbounded memory growth",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The golang package in Red Hat OpenStack Platform 9 Operational Tools will not be updated for this flaw because it is in technical preview and is retiring as of 24.Aug.2019.\nThis issue did not affect the versions of grafana(embeds golang) as shipped with Red Hat Ceph Storage 2 and Red Hat Gluster Storage 3 as they did not include the support for HTTP/2.\nThe following storage product versions are affected because they include the support for HTTP/2 in:\n* golang as shipped with Red Hat Gluster Storage 3, Red Hat Ceph Storage 2 and Red Hat Ceph Storage 3\n* heketi(embeds golang) as shipped with Red Hat Gluster Storage 3\n* grafana(embeds golang and grpc) as shipped with Red Hat Ceph Storage 3\nThis flaw has no available mitigation for packages golang and nodejs. Both packages will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.\n\nAll OpenShift Container Platform RPMs and container images that are built with Go and support HTTP/2 are vulnerable to this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9514"
},
{
"category": "external",
"summary": "RHBZ#1735744",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735744"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9514",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9514"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9514"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg",
"url": "https://groups.google.com/forum/#!topic/golang-announce/65QixT3tcmg"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA",
"url": "https://groups.google.com/forum/#!topic/kubernetes-security-announce/wlHLHit1BqA"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html",
"url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html"
}
],
"release_date": "2019-08-13T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: flood using HEADERS frames results in unbounded memory growth"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2019-9515",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1735745"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. Using SETTINGS frames and queuing of SETTINGS ACK frames, a flood could occur resulting in unbounded memory growth. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: flood using SETTINGS frames results in unbounded memory growth",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This issue affects the version of grafana(embeds gRPC) as shipped with Red Hat Ceph Storage 3 as it include the support for HTTP/2.\nThis flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9515"
},
{
"category": "external",
"summary": "RHBZ#1735745",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735745"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9515",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9515"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9515"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
},
{
"category": "external",
"summary": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html",
"url": "https://www.mail-archive.com/grpc-io@googlegroups.com/msg06408.html"
}
],
"release_date": "2019-08-13T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: flood using SETTINGS frames results in unbounded memory growth"
},
{
"acknowledgments": [
{
"names": [
"the Envoy security team"
]
}
],
"cve": "CVE-2019-9518",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"discovery_date": "2019-08-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1735749"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in HTTP/2. Using frames with an empty payload, a flood could occur that results in excessive CPU usage and starvation of other clients. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "HTTP/2: flood using empty frames results in excessive resource consumption",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This flaw has no available mitigation for nodejs package. It will be updated once the available fixes are released for Red Hat Enterprise Linux and Red Hat Software Collections.\n\nThe nodejs RPM shipped in OpenShift Container Platform 3.9 and 3.10 is not affected by this flaw as it does not contain the vulnerable code.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-9518"
},
{
"category": "external",
"summary": "RHBZ#1735749",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1735749"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-9518",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9518"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-9518"
},
{
"category": "external",
"summary": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md",
"url": "https://github.com/Netflix/security-bulletins/blob/master/advisories/third-party/2019-002.md"
},
{
"category": "external",
"summary": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/",
"url": "https://nodejs.org/en/blog/vulnerability/aug-2019-security-releases/"
}
],
"release_date": "2019-08-13T17:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "HTTP/2: flood using empty frames results in excessive resource consumption"
},
{
"cve": "CVE-2019-10173",
"cwe": {
"id": "CWE-94",
"name": "Improper Control of Generation of Code (\u0027Code Injection\u0027)"
},
"discovery_date": "2019-06-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1722971"
}
],
"notes": [
{
"category": "description",
"text": "It was found that xstream API version 1.4.10 introduced a regression for a previous deserialization flaw. If the security framework has not been initialized, it may allow a remote attacker to run arbitrary shell commands when unmarshalling XML or any supported format. This a regression of CVE-2013-7285 fixed in 1.4.7 (fixed) as of BPMS 6.0.1, the regression was introduced with xstream-1.4.10 implemented in RHPAM.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-10173"
},
{
"category": "external",
"summary": "RHBZ#1722971",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1722971"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-10173",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-10173"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-10173"
},
{
"category": "external",
"summary": "http://x-stream.github.io/changes.html#1.4.11",
"url": "http://x-stream.github.io/changes.html#1.4.11"
}
],
"release_date": "2018-10-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "xstream: remote code execution due to insecure XML deserialization (regression of CVE-2013-7285)"
},
{
"acknowledgments": [
{
"names": [
"Jeremy Choi"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-14860",
"cwe": {
"id": "CWE-942",
"name": "Permissive Cross-domain Policy with Untrusted Domains"
},
"discovery_date": "2019-10-09T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1761912"
}
],
"notes": [
{
"category": "description",
"text": "It was found that the Syndesis configuration for Cross-Origin Resource Sharing was set to allow all origins. An attacker could use this lack of protection to conduct phishing attacks and further access unauthorized information.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "syndesis: default CORS configuration is allow all",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14860"
},
{
"category": "external",
"summary": "RHBZ#1761912",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1761912"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14860",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14860"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14860",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14860"
}
],
"release_date": "2019-10-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "syndesis: default CORS configuration is allow all"
},
{
"cve": "CVE-2019-16869",
"cwe": {
"id": "CWE-444",
"name": "Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)"
},
"discovery_date": "2019-09-26T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1758619"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in Netty, where whitespace before the colon in HTTP headers is mishandled. This flaw allows an attacker to cause HTTP request smuggling.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform ships a vulnerable netty library as part of the logging-elasticsearch5 container. ElasticSearch\u0027s security team has stated that this vulnerability does not poses a substantial practical threat to ElasticSearch 6 [1]. We agree that this issue would be difficult to exploit these vulnerabilities on OpenShift Container Platform, so we\u0027re reducing the impact of this issue to moderate and may fix it in the future release.\n\nRed Hat Satellite ships vulnerable netty version embedded in Candlepin, however, is not directly vulnerable since HTTP requests are handled by Tomcat and not netty.\n\n[1] https://github.com/elastic/elasticsearch/issues/49396",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Red Hat Fuse 7.5.0"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16869"
},
{
"category": "external",
"summary": "RHBZ#1758619",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1758619"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16869",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16869"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16869"
}
],
"release_date": "2019-09-26T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-11-14T21:17:38+00:00",
"details": "Before applying the update, back up your existing installation, including all applications, configuration files, databases and database settings, and so on.\n\nInstallation instructions are available from the Fuse 7.5.0 product documentation page:\nhttps://access.redhat.com/documentation/en-us/red_hat_fuse/7.5/",
"product_ids": [
"Red Hat Fuse 7.5.0"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"category": "workaround",
"details": "* Use HTTP/2 instead (clear boundaries between requests)\n* Disable reuse of backend connections eg. ```http-reuse never``` in HAProxy or whatever equivalent LB settings",
"product_ids": [
"Red Hat Fuse 7.5.0"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"Red Hat Fuse 7.5.0"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "netty: HTTP request smuggling by mishandled whitespace before the colon in HTTP headers"
}
]
}
rhsa-2021_1515
Vulnerability from csaf_redhat
Published
2021-05-06 13:38
Modified
2025-02-26 02:37
Summary
Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)
Notes
Topic
Openshift Logging Bug Fix Release (5.0.3)
This release includes a security update.
Red Hat Product Security has rated this update as having a security impact
of Important. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available for each vulnerability
from the CVE link(s) in the References section.
Details
Openshift Logging Bug Fix Release (5.0.3)
Security Fix(es):
* jackson-databind: arbitrary code execution in slf4j-ext class
(CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and
blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in
axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class
(CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in
jboss-common-core class (CVE-2018-19362)
* jackson-databind: default typing mishandling leading to remote code
execution (CVE-2019-14379)
* jackson-databind: Serialization gadgets in
com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool
(CVE-2020-35728)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource
(CVE-2020-36184)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource
(CVE-2020-36185)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource
(CVE-2020-36186)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource
(CVE-2020-36187)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource
(CVE-2020-36188)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to
com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSourc
e (CVE-2020-36189)
* jackson-databind: mishandles the interaction between serialization
gadgets and typing, related to javax.swing (CVE-2021-20190)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class
(CVE-2018-14721)
* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Openshift Logging Bug Fix Release (5.0.3)\nThis release includes a security update.\n\nRed Hat Product Security has rated this update as having a security impact\nof Important. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available for each vulnerability\nfrom the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Openshift Logging Bug Fix Release (5.0.3)\n\nSecurity Fix(es):\n\n* jackson-databind: arbitrary code execution in slf4j-ext class\n(CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and\nblaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in\naxis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class\n(CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in\njboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: default typing mishandling leading to remote code\nexecution (CVE-2019-14379)\n\n* jackson-databind: Serialization gadgets in\ncom.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool\n(CVE-2020-35728)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\noadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource\n(CVE-2020-36184)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource\n(CVE-2020-36185)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource\n(CVE-2020-36186)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\norg.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource\n(CVE-2020-36187)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource\n(CVE-2020-36188)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to\ncom.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSourc\ne (CVE-2020-36189)\n\n* jackson-databind: mishandles the interaction between serialization\ngadgets and typing, related to javax.swing (CVE-2021-20190)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class\n(CVE-2018-14721)\n\n* golang: data race in certain net/http servers including ReverseProxy can lead to DoS (CVE-2020-15586)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:1515",
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "LOG-1224",
"url": "https://issues.redhat.com/browse/LOG-1224"
},
{
"category": "external",
"summary": "LOG-1232",
"url": "https://issues.redhat.com/browse/LOG-1232"
},
{
"category": "external",
"summary": "LOG-1234",
"url": "https://issues.redhat.com/browse/LOG-1234"
},
{
"category": "external",
"summary": "LOG-1299",
"url": "https://issues.redhat.com/browse/LOG-1299"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1515.json"
}
],
"title": "Red Hat Security Advisory: Openshift Logging Bug Fix Release (5.0.3)",
"tracking": {
"current_release_date": "2025-02-26T02:37:34+00:00",
"generator": {
"date": "2025-02-26T02:37:34+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.3.1"
}
},
"id": "RHSA-2021:1515",
"initial_release_date": "2021-05-06T13:38:14+00:00",
"revision_history": [
{
"date": "2021-05-06T13:38:14+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-05-06T13:38:14+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-02-26T02:37:34+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "OpenShift Logging 5.0",
"product": {
"name": "OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:logging:5.0::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"product_id": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"product_id": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e?arch=s390x\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.3-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"product": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"product_id": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-operator-bundle\u0026tag=v5.0.3-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"product": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"product_id": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-operator-bundle\u0026tag=v5.0.3-6"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"product_id": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"product_id": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f?arch=amd64\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.3-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"product": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"product_id": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/cluster-logging-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"product_id": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-rhel8-operator\u0026tag=v5.0.3-2"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"product_id": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch-proxy-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"product": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"product_id": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/logging-curator5-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"product": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"product_id": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/elasticsearch6-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"product": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"product_id": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/eventrouter-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"product": {
"name": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"product_id": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/fluentd-rhel8\u0026tag=v5.0.3-1"
}
}
},
{
"category": "product_version",
"name": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"product": {
"name": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"product_id": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift-logging/kibana6-rhel8\u0026tag=v5.0.3-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64"
},
"product_reference": "openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x"
},
"product_reference": "openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64"
},
"product_reference": "openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64"
},
"product_reference": "openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
},
"product_reference": "openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
},
"product_reference": "openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le"
},
"product_reference": "openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le"
},
"product_reference": "openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64 as a component of OpenShift Logging 5.0",
"product_id": "8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
},
"product_reference": "openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64",
"relates_to_product_reference": "8Base-OSE-LOGGING-5.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-14379",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-07-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737517"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: default typing mishandling leading to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14379"
},
{
"category": "external",
"summary": "RHBZ#1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379"
}
],
"release_date": "2019-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: default typing mishandling leading to remote code execution"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
},
{
"cve": "CVE-2020-24750",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-09-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1882310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.6. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* OpenShift Container Platform\nThese products may update the jackson-databind dependency in a future release.\n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24750"
},
{
"category": "external",
"summary": "RHBZ#1882310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24750"
}
],
"release_date": "2020-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid com.pastdev.httpcomponents in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration"
},
{
"cve": "CVE-2020-35490",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1909266"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update.\n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35490"
},
{
"category": "external",
"summary": "RHBZ#1909266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909266"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35490"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2986",
"url": "https://github.com/FasterXML/jackson-databind/issues/2986"
}
],
"release_date": "2020-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-35491",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1909269"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35491"
},
{
"category": "external",
"summary": "RHBZ#1909269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909269"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35491"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2986",
"url": "https://github.com/FasterXML/jackson-databind/issues/2986"
}
],
"release_date": "2020-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-35728",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1911502"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat Products ship jackson-databind version 2.10.0 or later which is not considered affected by this CVE (see https://medium.com/@cowtowncoder/jackson-2-10-safe-default-typing-2d018f0ce2ba) \n* JBoss Data Grid 7\n* JBoss Data Grid 8\n* Enterprise Application Platform 7\n* Red Hat Decision Manager 7\n* Red Hat Process Automation Manager 7\n* Red Hat Single Sign-On (RH-SSO) 7\n* Red Hat JBoss Fuse 7\n* Red Hat JBoss A-MQ\n* Red Hat Enterprise Linux 8\n* Red Hat Satellite 6.6\n* Red Hat Satellite 6.7\n* Red Hat Satellite 6.8\n* Red Hat CodeReady Studio 12\n\nRed Hat OpenShift Container Platform and Red Hat OpenStack Platform does ship the vulnerable components, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update.\n\nRed Hat OpenStack Platform 13 ships OpenDaylight, which contains the vulnerable jackson-databind, but does not expose jackson-databind in a way that would make it exploitable. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35728"
},
{
"category": "external",
"summary": "RHBZ#1911502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35728"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2999",
"url": "https://github.com/FasterXML/jackson-databind/issues/2999"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool"
},
{
"cve": "CVE-2020-36179",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913871"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36179"
},
{
"category": "external",
"summary": "RHBZ#1913871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913871"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36180",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36180"
},
{
"category": "external",
"summary": "RHBZ#1913872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36180"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36181",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913874"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but does not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36181"
},
{
"category": "external",
"summary": "RHBZ#1913874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913874"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36181",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36181"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36182",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913926"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36182"
},
{
"category": "external",
"summary": "RHBZ#1913926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913926"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36182"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36183",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36183"
},
{
"category": "external",
"summary": "RHBZ#1913927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36183"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3003",
"url": "https://github.com/FasterXML/jackson-databind/issues/3003"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool"
},
{
"cve": "CVE-2020-36184",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913928"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36184"
},
{
"category": "external",
"summary": "RHBZ#1913928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36184"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2998",
"url": "https://github.com/FasterXML/jackson-databind/issues/2998"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-36185",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913929"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36185"
},
{
"category": "external",
"summary": "RHBZ#1913929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36185"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2998",
"url": "https://github.com/FasterXML/jackson-databind/issues/2998"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-36186",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913931"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contain the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36186"
},
{
"category": "external",
"summary": "RHBZ#1913931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913931"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36186"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2997",
"url": "https://github.com/FasterXML/jackson-databind/issues/2997"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-36187",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913933"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contain the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36187"
},
{
"category": "external",
"summary": "RHBZ#1913933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36187"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2997",
"url": "https://github.com/FasterXML/jackson-databind/issues/2997"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-36188",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913934"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but they do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36188"
},
{
"category": "external",
"summary": "RHBZ#1913934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913934"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36188"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2996",
"url": "https://github.com/FasterXML/jackson-databind/issues/2996"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource"
},
{
"cve": "CVE-2020-36189",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36189"
},
{
"category": "external",
"summary": "RHBZ#1913937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36189"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2996",
"url": "https://github.com/FasterXML/jackson-databind/issues/2996"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource"
},
{
"cve": "CVE-2021-20190",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-01-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1916633"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* CodeReady WorkSpaces Server Container\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"known_not_affected": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20190"
},
{
"category": "external",
"summary": "RHBZ#1916633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-5949-rw7g-wx7w",
"url": "https://github.com/advisories/GHSA-5949-rw7g-wx7w"
}
],
"release_date": "2021-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-05-06T13:38:14+00:00",
"details": "For OpenShift Container Platform 4.7 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this errata update:\n\nhttps://docs.openshift.com/container-platform/4.7/release_notes/ocp-4-7-release-notes.html\n\nFor Red Hat OpenShift Logging 5.0, see the following instructions to apply this update:\n\nhttps://docs.openshift.com/container-platform/4.7/logging/cluster-logging-upgrading.html",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1515"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid javax.swing in the classpath",
"product_ids": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-operator-bundle@sha256:523e689589595cff9ee11393506309c00d23bf8fb945e1475aeeffea3d517897_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:0b3edcd073a1f331c011ebcd4aaa8371f9114b78a48e590df450e1e9006404c3_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:c143f6d1ec4d3d9a917a99c65815752e24e93a5be212c8d41a7f945ffffa67cf_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/cluster-logging-rhel8-operator@sha256:f42594e7760bf45ccba9d0494391b07b355d147a8ccfae3db602bceb74d8e35f_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-operator-bundle@sha256:1a88af8ae614593144ab405214444d954aa97ba13baa6ccf3b3498b424f983df_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:667a65330c7ed33805c30896ff9fa979c1aeed8883eb31750af9802f6feb7034_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:a78c13c0c3f17432dee6d22756d6656afffe33081a1db5fad0ab68798fb92580_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-proxy-rhel8@sha256:b2359332ffb463d8af90bcc6871b0a5ff4e79ce82243ba89ace96e18e05964fa_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0264dd99af5af4a7a30c2b5830e52980fc59d050cc940f191b32e09df284292a_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:0dc6a56baad15c9fa6d0669f6f59ba1c6b444ef75e5d2893fa4bdd970bdfe88b_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch-rhel8-operator@sha256:af5c18868820a4d139ad9c7d6a1d0a78396d96deb455b00a918c7eaf2ffbaa8b_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:30491b87e69ba242c3eacb607c71c13a9957962c0ae75d63fbb1f7aff12e268b_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:614d1860d95c7e9a84ee68bb507f9970d0af63a7df3e744bd5e5a08a2a617914_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/elasticsearch6-rhel8@sha256:9dbe9316331f9b7725f39d00dc2bc8433482750c8178066b002682894f92ed87_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:3b08518f62a113a06a16ca3bcccbc128703f34815d66162426daabfd9740b2c4_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:4e8a4d0bf152d8f50114d13ce51868506570825123b8df4eed426f524c01bde3_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/eventrouter-rhel8@sha256:7a17b1b04fd0d9ae66ad0dfaacbf9bebe44f77449763cd82bd172551c8dd5906_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:508186184b17d924659ad9dcaa468cd4086bbe958b4dac1a6297e7cd4f88a418_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:c9d56d0bfd800bd72c990829b81676a261c288f783ab44788feffdaa00bd069c_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/fluentd-rhel8@sha256:ea0fb56298089dfd6ea04c4933e6e15668fe422b60b521cf1388783797ac7852_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:06f31605e19bd7f702e403b815b961f125d92466e208428547069b3712c7a20e_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:6348d3a07a76aa6eb90d1689cdf67a45559e752aec70d06261596f09d7ebca4f_amd64",
"8Base-OSE-LOGGING-5.0:openshift-logging/kibana6-rhel8@sha256:c140c1da34f8cb38864f92201ac8c9aa6981318d1bd4ebf87cea698fdb80a6d7_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:7904a53e3117acf2baeae3911c6d1cdfb78964080bf5ff3ff5bff531ca6ef366_ppc64le",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:adbab231c9403261c85b6e4ff2c81c0d19e206106df60fd1551c9e30cb2d83f7_s390x",
"8Base-OSE-LOGGING-5.0:openshift-logging/logging-curator5-rhel8@sha256:bb16d7f7ef2310afacf12a11808c3b792ed1f30929ef9a62ff9b094d3d8512cc_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing"
}
]
}
rhsa-2019_0782
Vulnerability from csaf_redhat
Published
2019-04-17 21:03
Modified
2025-01-19 19:44
Summary
Red Hat Security Advisory: rh-maven35-jackson-databind security update
Notes
Topic
An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.
Security Fix(es):
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for rh-maven35-jackson-databind is now available for Red Hat Software Collections.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:0782",
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_0782.json"
}
],
"title": "Red Hat Security Advisory: rh-maven35-jackson-databind security update",
"tracking": {
"current_release_date": "2025-01-19T19:44:42+00:00",
"generator": {
"date": "2025-01-19T19:44:42+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:0782",
"initial_release_date": "2019-04-17T21:03:00+00:00",
"revision_history": [
{
"date": "2019-04-17T21:03:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-04-17T21:03:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:44:42+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product": {
"name": "Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_software_collections:3::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Software Collections"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"product": {
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"product_id": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-maven35-jackson-databind-javadoc@2.7.6-2.5.el7?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"product": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"product_id": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-maven35-jackson-databind@2.7.6-2.5.el7?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"product": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"product_id": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/rh-maven35-jackson-databind@2.7.6-2.5.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-Alt-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.4)",
"product_id": "7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.5)",
"product_id": "7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.5.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.6)",
"product_id": "7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2-7.6.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Server-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src"
},
"product_reference": "rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch as a component of Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
},
"product_reference": "rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"relates_to_product_reference": "7Workstation-RHSCL-3.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-04-17T21:03:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-Alt-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.4.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.5.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2-7.6.Z:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Server-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.noarch",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-0:2.7.6-2.5.el7.src",
"7Workstation-RHSCL-3.2:rh-maven35-jackson-databind-javadoc-0:2.7.6-2.5.el7.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
}
]
}
rhsa-2019_1107
Vulnerability from csaf_redhat
Published
2019-05-08 12:09
Modified
2025-01-19 19:44
Summary
Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 6 security update
Notes
Topic
An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7.
This release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release.
Security Fix(es):
* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)
* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)
* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)
* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)
* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update is now available for Red Hat JBoss Enterprise Application Platform 7.2 for Red Hat Enterprise Linux 6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on JBoss Application Server 7. \n\nThis release of Red Hat JBoss Enterprise Application Platform 7.2.1 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.0, and includes bug fixes and enhancements. Refer to the Red Hat JBoss Enterprise Application Platform 7.2.1 Release Notes for information on the most significant bug fixes and enhancements included in this release.\n\nSecurity Fix(es):\n\n* jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis (CVE-2018-11307)\n\n* jackson-databind: improper polymorphic deserialization of types from Jodd-db library (CVE-2018-12022)\n\n* jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver (CVE-2018-12023)\n\n* undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer (CVE-2018-14642)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\n* wildfly: Race condition on PID file allows for termination of arbitrary processes by local users (CVE-2019-3805)\n\n* wildfly: wrong SecurityIdentity for EE concurrency threads that are reused (CVE-2019-3894)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2019:1107",
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_jboss_enterprise_application_platform/7.2/html-single/installation_guide/"
},
{
"category": "external",
"summary": "1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "external",
"summary": "JBEAP-14861",
"url": "https://issues.redhat.com/browse/JBEAP-14861"
},
{
"category": "external",
"summary": "JBEAP-15392",
"url": "https://issues.redhat.com/browse/JBEAP-15392"
},
{
"category": "external",
"summary": "JBEAP-15477",
"url": "https://issues.redhat.com/browse/JBEAP-15477"
},
{
"category": "external",
"summary": "JBEAP-15478",
"url": "https://issues.redhat.com/browse/JBEAP-15478"
},
{
"category": "external",
"summary": "JBEAP-15568",
"url": "https://issues.redhat.com/browse/JBEAP-15568"
},
{
"category": "external",
"summary": "JBEAP-15617",
"url": "https://issues.redhat.com/browse/JBEAP-15617"
},
{
"category": "external",
"summary": "JBEAP-15622",
"url": "https://issues.redhat.com/browse/JBEAP-15622"
},
{
"category": "external",
"summary": "JBEAP-15748",
"url": "https://issues.redhat.com/browse/JBEAP-15748"
},
{
"category": "external",
"summary": "JBEAP-15805",
"url": "https://issues.redhat.com/browse/JBEAP-15805"
},
{
"category": "external",
"summary": "JBEAP-15851",
"url": "https://issues.redhat.com/browse/JBEAP-15851"
},
{
"category": "external",
"summary": "JBEAP-15869",
"url": "https://issues.redhat.com/browse/JBEAP-15869"
},
{
"category": "external",
"summary": "JBEAP-15876",
"url": "https://issues.redhat.com/browse/JBEAP-15876"
},
{
"category": "external",
"summary": "JBEAP-16025",
"url": "https://issues.redhat.com/browse/JBEAP-16025"
},
{
"category": "external",
"summary": "JBEAP-16037",
"url": "https://issues.redhat.com/browse/JBEAP-16037"
},
{
"category": "external",
"summary": "JBEAP-16086",
"url": "https://issues.redhat.com/browse/JBEAP-16086"
},
{
"category": "external",
"summary": "JBEAP-16090",
"url": "https://issues.redhat.com/browse/JBEAP-16090"
},
{
"category": "external",
"summary": "JBEAP-16091",
"url": "https://issues.redhat.com/browse/JBEAP-16091"
},
{
"category": "external",
"summary": "JBEAP-16112",
"url": "https://issues.redhat.com/browse/JBEAP-16112"
},
{
"category": "external",
"summary": "JBEAP-16122",
"url": "https://issues.redhat.com/browse/JBEAP-16122"
},
{
"category": "external",
"summary": "JBEAP-16123",
"url": "https://issues.redhat.com/browse/JBEAP-16123"
},
{
"category": "external",
"summary": "JBEAP-16124",
"url": "https://issues.redhat.com/browse/JBEAP-16124"
},
{
"category": "external",
"summary": "JBEAP-16125",
"url": "https://issues.redhat.com/browse/JBEAP-16125"
},
{
"category": "external",
"summary": "JBEAP-16137",
"url": "https://issues.redhat.com/browse/JBEAP-16137"
},
{
"category": "external",
"summary": "JBEAP-16146",
"url": "https://issues.redhat.com/browse/JBEAP-16146"
},
{
"category": "external",
"summary": "JBEAP-16147",
"url": "https://issues.redhat.com/browse/JBEAP-16147"
},
{
"category": "external",
"summary": "JBEAP-16233",
"url": "https://issues.redhat.com/browse/JBEAP-16233"
},
{
"category": "external",
"summary": "JBEAP-16259",
"url": "https://issues.redhat.com/browse/JBEAP-16259"
},
{
"category": "external",
"summary": "JBEAP-16276",
"url": "https://issues.redhat.com/browse/JBEAP-16276"
},
{
"category": "external",
"summary": "JBEAP-16321",
"url": "https://issues.redhat.com/browse/JBEAP-16321"
},
{
"category": "external",
"summary": "JBEAP-16347",
"url": "https://issues.redhat.com/browse/JBEAP-16347"
},
{
"category": "external",
"summary": "JBEAP-16356",
"url": "https://issues.redhat.com/browse/JBEAP-16356"
},
{
"category": "external",
"summary": "JBEAP-16367",
"url": "https://issues.redhat.com/browse/JBEAP-16367"
},
{
"category": "external",
"summary": "JBEAP-16368",
"url": "https://issues.redhat.com/browse/JBEAP-16368"
},
{
"category": "external",
"summary": "JBEAP-16369",
"url": "https://issues.redhat.com/browse/JBEAP-16369"
},
{
"category": "external",
"summary": "JBEAP-16381",
"url": "https://issues.redhat.com/browse/JBEAP-16381"
},
{
"category": "external",
"summary": "JBEAP-16418",
"url": "https://issues.redhat.com/browse/JBEAP-16418"
},
{
"category": "external",
"summary": "JBEAP-9657",
"url": "https://issues.redhat.com/browse/JBEAP-9657"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2019/rhsa-2019_1107.json"
}
],
"title": "Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.1 on RHEL 6 security update",
"tracking": {
"current_release_date": "2025-01-19T19:44:48+00:00",
"generator": {
"date": "2025-01-19T19:44:48+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.6"
}
},
"id": "RHSA-2019:1107",
"initial_release_date": "2019-05-08T12:09:57+00:00",
"revision_history": [
{
"date": "2019-05-08T12:09:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2019-05-08T12:09:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-01-19T19:44:48+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product": {
"name": "Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:jboss_enterprise_application_platform:7.2::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat JBoss Enterprise Application Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet-core@1.3.2-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.2-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting-jmx@3.0.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-compensations@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-integration@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-util@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-api@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-restat-bridge@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-idlj@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbosstxbridge@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jbossxts@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-jts-integration@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana-txframework@5.9.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-wildfly8@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-impl@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-common@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-api@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-api@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-impl@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-idm-simple-schema@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product": {
"name": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_id": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-config@2.5.5-16.SP12_redhat_4.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-istack-commons-tools@3.0.7-2.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-istack-commons-runtime@3.0.7-2.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-sun-istack-commons@3.0.7-2.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-rt@3.2.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-services@3.2.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-tools@3.2.7-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.1-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.8.0-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-server@1.2.4-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.8-2.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-byte-buddy@1.9.5-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-json-provider@2.9.8-2.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-base@2.9.8-2.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-ejb-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client-common@1.0.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-naming-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-transaction-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-asyncclient@4.1.4-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.8-2.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.8-1.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-module-jaxb-annotations@2.9.8-1.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-client-hotrod@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-commons@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-core@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-jdbc@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-v53@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-cachestore-remote@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-commons@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan-hibernate-cache-spi@9.3.6-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.8-2.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.2-1.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.8-1.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jsr310@2.9.8-1.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-datatype-jdk8@2.9.8-1.redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-core@5.3.9-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.9-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-entitymanager@5.3.9-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-java8@5.3.9-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate-envers@5.3.9-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.2-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"product_id": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.1-2.Final_redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jsapi@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-crypto@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-multipart-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxrs@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-atom-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jose-jwt@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-cdi@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-validator-provider-11@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-p-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson2-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jettison-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jackson-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-rxjava2@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-yaml-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-client-microprofile@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-spring@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-jaxb-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy-json-binding-provider@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.3-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-spi@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-impl@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-deployers-common@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-jdbc@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-impl@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-common-api@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-validator@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar-core-api@1.4.15-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-boolean@3.2.3-2.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-runtime@3.2.3-2.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-ts@3.2.3-2.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-xjc-utils@3.2.3-2.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-bug986@3.2.3-2.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product": {
"name": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_id": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-cxf-xjc-dv@3.2.3-2.redhat_00002.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.19-1.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hqclient-protocol@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-native@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-selector@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-ra@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-core-client@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-hornetq-protocol@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-commons@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-journal@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-server@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-service-extensions@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jms-client@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-jdbc-store@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-tools@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-cli@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-server@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product": {
"name": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_id": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis-dto@2.6.3-5.redhat_00020.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.1-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-cli@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly13.0-server@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly12.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.0@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly10.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap6.4-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-core@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-eap7.1-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly8.2-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly9.0@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration-wildfly11.0-to-eap7.2@1.3.0-7.Final_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.7-3.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@1.0.13-2.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"product_id": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.1-2.redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.7-2.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"product": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"product_id": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-security-negotiation@3.0.5-2.Final_redhat_00001.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-modules@7.2.1-6.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-javadocs@7.2.1-6.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product_id": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.1-6.GA_redhat_00004.1.el6eap?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jberet@1.3.2-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-ejb-client@4.0.15-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-remoting-jmx@3.0.1-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-narayana@5.9.1-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"product": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"product_id": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-bindings@2.5.5-16.SP12_redhat_4.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"product": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"product_id": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-picketlink-federation@2.5.5-16.SP12_redhat_4.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"product_id": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-sun-istack-commons@3.0.7-2.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf@3.2.7-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron-tool@1.4.1-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-commons-lang@3.8.0-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-elytron-web@1.2.4-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_id": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-annotations@2.9.8-2.redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-byte-buddy@1.9.5-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_id": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-jaxrs-providers@2.9.8-2.redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-http-client@1.0.13-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-httpcomponents-asyncclient@4.1.4-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_id": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-core@2.9.8-2.redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"product_id": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-base@2.9.8-1.redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-infinispan@9.3.6-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_id": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-databind@2.9.8-2.redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src",
"product_id": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-yasson@1.0.2-1.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"product_id": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jackson-modules-java8@2.9.8-1.redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"product_id": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-hibernate@5.3.9-2.Final_redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-elytron@1.6.2-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"product_id": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-genericjms@2.0.1-2.Final_redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"product_id": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-resteasy@3.6.1-4.SP3_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly-transaction-client@1.1.3-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-ironjacamar@1.4.15-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"product": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"product_id": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-apache-cxf-xjc-utils@3.2.3-2.redhat_00002.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow@2.0.19-1.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"product": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"product_id": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-activemq-artemis@2.6.3-5.redhat_00020.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"product_id": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-server-migration@1.3.0-7.Final_redhat_00004.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"product": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"product_id": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@2.6.3-15.redhat_00020.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-logmanager@2.1.7-3.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-el-api_3.0_spec@1.0.13-2.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"product_id": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-dom4j@2.1.1-2.redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-undertow-jastow@2.0.7-2.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"product": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"product_id": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-jboss-security-negotiation@3.0.5-2.Final_redhat_00001.1.el6eap?arch=src"
}
}
},
{
"category": "product_version",
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"product": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"product_id": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-wildfly@7.2.1-6.GA_redhat_00004.1.el6eap?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"product": {
"name": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"product_id": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native-wildfly@2.6.3-15.redhat_00020.el6eap?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"product": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"product_id": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/eap7-artemis-native@2.6.3-15.redhat_00020.el6eap?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src"
},
"product_reference": "eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch"
},
"product_reference": "eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src"
},
"product_reference": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64 as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64"
},
"product_reference": "eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64 as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64"
},
"product_reference": "eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src"
},
"product_reference": "eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src"
},
"product_reference": "eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src"
},
"product_reference": "eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch"
},
"product_reference": "eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src"
},
"product_reference": "eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch"
},
"product_reference": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"relates_to_product_reference": "6Server-JBEAP-7.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src as a component of Red Hat JBoss EAP 7.2 for RHEL 6 Server",
"product_id": "6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
},
"product_reference": "eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src",
"relates_to_product_reference": "6Server-JBEAP-7.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-11307",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-02-14T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1677341"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using MyBatis classes when using DefaultTyping. An attacker could use this flaw to achieve content exfiltration and possibly conduct further attacks.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load MyBatis classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include MyBatis classes.\n\nRed Hat Fuse 6 and 7 are not directly affected by this issue, as although they do ship the vulnerable jackson-databind component, they do not enable polymorphic deserialization or default typing which are required for exploitability. Their impacts have correspondingly been reduced to Moderate. Future updates may address this flaw.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-11307"
},
{
"category": "external",
"summary": "RHBZ#1677341",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1677341"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-11307",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-11307"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-11307"
}
],
"release_date": "2018-05-10T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: Potential information exfiltration with default typing, serialization gadget from MyBatis"
},
{
"cve": "CVE-2018-12022",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671097"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Jodd DB connection classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Jodd classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Jodd classes.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12022"
},
{
"category": "external",
"summary": "RHBZ#1671097",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671097"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12022",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12022"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12022"
}
],
"release_date": "2018-05-29T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Jodd-db library"
},
{
"cve": "CVE-2018-12023",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1671096"
}
],
"notes": [
{
"category": "description",
"text": "A vulnerability was discovered in jackson-databind where it would permit deserialization of a malicious object using Oracle JDBC classes when using DefaultTyping. An attacker could use this flaw to achieve remote code execution under certain circumstances.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since Candlepin\u0027s java runtime environment does not load Oracle\u0027s JDBC classes.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not load Oracle\u0027s JDBC classes.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-12023"
},
{
"category": "external",
"summary": "RHBZ#1671096",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1671096"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-12023",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-12023"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-12023"
}
],
"release_date": "2018-06-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization of types from Oracle JDBC driver"
},
{
"cve": "CVE-2018-14642",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"discovery_date": "2018-09-13T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1628702"
}
],
"notes": [
{
"category": "description",
"text": "An information leak vulnerability was found in Undertow. If all headers are not written out in the first write() call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14642"
},
{
"category": "external",
"summary": "RHBZ#1628702",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1628702"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14642",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14642"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14642"
}
],
"release_date": "2018-09-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "undertow: Infoleak in some circumstances where Undertow can serve data from a random buffer"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"acknowledgments": [
{
"names": [
"Daniel Le Gall"
],
"organization": "SCRT Information Security"
}
],
"cve": "CVE-2019-3805",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2018-11-01T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1660263"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in wildfly that would allow local users, who are able to execute init.d script, to terminate arbitrary processes on the system. An attacker could exploit this by modifying the PID file in /var/run/jboss-eap/ allowing the init.d script to terminate any process as root.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3805"
},
{
"category": "external",
"summary": "RHBZ#1660263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1660263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3805",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3805"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3805"
}
],
"release_date": "2019-04-30T17:12:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: Race condition on PID file allows for termination of arbitrary processes by local users"
},
{
"acknowledgments": [
{
"names": [
"James Perkins"
],
"organization": "Red Hat",
"summary": "This issue was discovered by Red Hat."
}
],
"cve": "CVE-2019-3894",
"cwe": {
"id": "CWE-358",
"name": "Improperly Implemented Security Check for Standard"
},
"discovery_date": "2019-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1682108"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the ElytronManagedThread in Wildfly\u0027s Elytron subsystem stores a SecurityIdentity to run the thread with that security identity. As these threads do not necessarily terminate if the \u0027keep alive\u0027 time has not expired, this could allow a shared thread to use the wrong security identity when executing.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-3894"
},
{
"category": "external",
"summary": "RHBZ#1682108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1682108"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-3894",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-3894"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-3894"
}
],
"release_date": "2019-04-30T17:11:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2019-05-08T12:09:57+00:00",
"details": "Before applying this update, back up your existing Red Hat JBoss Enterprise Application Platform installation and deployed applications.\n\nFor details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
"version": "3.0"
},
"products": [
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-0:2.6.3-5.redhat_00020.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-activemq-artemis-cli-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-commons-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-core-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-dto-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hornetq-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-hqclient-protocol-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jdbc-store-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-client-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-jms-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-journal-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-native-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-ra-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-selector-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-server-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-service-extensions-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-activemq-artemis-tools-0:2.6.3-5.redhat_00020.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-commons-lang-0:3.8.0-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-0:3.2.7-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-apache-cxf-rt-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-services-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-tools-0:3.2.7-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-apache-cxf-xjc-utils-0:3.2.3-2.redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.src",
"6Server-JBEAP-7.2:eap7-artemis-native-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-artemis-native-wildfly-0:2.6.3-15.redhat_00020.el6eap.x86_64",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-byte-buddy-0:1.9.5-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-cxf-xjc-boolean-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-bug986-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-dv-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-runtime-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-cxf-xjc-ts-0:3.2.3-2.redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-dom4j-0:2.1.1-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-elytron-web-0:1.2.4-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-0:5.3.9-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-hibernate-core-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-entitymanager-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-envers-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-hibernate-java8-0:5.3.9-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-httpcomponents-asyncclient-0:4.1.4-1.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-0:9.3.6-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-jdbc-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-cachestore-remote-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-client-hotrod-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-core-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-commons-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-spi-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-infinispan-hibernate-cache-v53-0:9.3.6-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-0:1.4.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-common-spi-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-api-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-core-impl-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-deployers-common-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-jdbc-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-ironjacamar-validator-0:1.4.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-runtime-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-istack-commons-tools-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-annotations-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-core-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-databind-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jdk8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-datatype-jsr310-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-base-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-json-provider-0:2.9.8-2.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-jaxrs-providers-0:2.9.8-2.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-module-jaxb-annotations-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-base-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jackson-modules-java8-0:2.9.8-1.redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jberet-0:1.3.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jberet-core-0:1.3.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-ejb-client-0:4.0.15-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-el-api_3.0_spec-0:1.0.13-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-genericjms-0:2.0.1-2.Final_redhat_00002.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-logmanager-0:2.1.7-3.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-remoting-jmx-0:3.0.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-security-negotiation-0:3.0.5-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-0:1.3.0-7.Final_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-cli-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-core-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap6.4-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly10.1-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly11.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly12.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly13.0-server-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly8.2-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-jboss-server-migration-wildfly9.0-to-eap7.2-0:1.3.0-7.Final_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-0:5.9.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-narayana-compensations-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbosstxbridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jbossxts-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-idlj-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-jts-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-api-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-bridge-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-integration-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-restat-util-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-narayana-txframework-0:5.9.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-bindings-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-common-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-config-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-federation-0:2.5.5-16.SP12_redhat_4.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-picketlink-idm-api-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-idm-simple-schema-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-impl-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-picketlink-wildfly8-0:2.5.5-16.SP12_redhat_4.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-0:3.6.1-4.SP3_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-resteasy-atom-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-cdi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-client-microprofile-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-crypto-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jackson2-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxb-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jaxrs-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jettison-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jose-jwt-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-jsapi-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-binding-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-json-p-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-multipart-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-rxjava2-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-spring-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-validator-provider-11-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-resteasy-yaml-provider-0:3.6.1-4.SP3_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-sun-istack-commons-0:3.0.7-2.redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-0:2.0.19-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-undertow-jastow-0:2.0.7-2.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-undertow-server-0:1.2.4-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-0:7.2.1-6.GA_redhat_00004.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-0:1.6.2-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-elytron-tool-0:1.4.1-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-wildfly-http-client-common-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-ejb-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-naming-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-http-transaction-client-0:1.0.13-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-javadocs-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-modules-0:7.2.1-6.GA_redhat_00004.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-wildfly-transaction-client-0:1.1.3-1.Final_redhat_00001.1.el6eap.src",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.noarch",
"6Server-JBEAP-7.2:eap7-yasson-0:1.0.2-1.redhat_00001.1.el6eap.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "wildfly: wrong SecurityIdentity for EE concurrency threads that are reused"
}
]
}
rhsa-2021_1230
Vulnerability from csaf_redhat
Published
2021-04-27 08:55
Modified
2025-02-26 02:37
Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update
Notes
Topic
Red Hat OpenShift Container Platform release 4.6.26 is now available with
updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container
Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
Security Fix(es):
* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)
* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)
* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)
* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)
* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)
* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)
* jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-35728)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-36184)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource (CVE-2020-36185)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource (CVE-2020-36186)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource (CVE-2020-36187)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource (CVE-2020-36188)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource (CVE-2020-36189)
* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing (CVE-2021-20190)
* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)
* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Red Hat OpenShift Container Platform release 4.6.26 is now available with\nupdates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container\nPlatform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat OpenShift Container Platform is Red Hat\u0027s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.\n\nSecurity Fix(es):\n\n* jackson-databind: arbitrary code execution in slf4j-ext class (CVE-2018-14718)\n\n* jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes (CVE-2018-14719)\n\n* jackson-databind: improper polymorphic deserialization in axis2-transport-jms class (CVE-2018-19360)\n\n* jackson-databind: improper polymorphic deserialization in openjpa class (CVE-2018-19361)\n\n* jackson-databind: improper polymorphic deserialization in jboss-common-core class (CVE-2018-19362)\n\n* jackson-databind: default typing mishandling leading to remote code execution (CVE-2019-14379)\n\n* jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration (CVE-2020-24750)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-35490)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource (CVE-2020-35491)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-35728)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36179)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36180)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS (CVE-2020-36181)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS (CVE-2020-36182)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool (CVE-2020-36183)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource (CVE-2020-36184)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource (CVE-2020-36185)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource (CVE-2020-36186)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource (CVE-2020-36187)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource (CVE-2020-36188)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource (CVE-2020-36189)\n\n* jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing (CVE-2021-20190)\n\n* jackson-databind: exfiltration/XXE in some JDK classes (CVE-2018-14720)\n\n* jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class (CVE-2018-14721)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:1230",
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "external",
"summary": "1913929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913929"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "external",
"summary": "1859004",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1859004"
},
{
"category": "external",
"summary": "1882310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882310"
},
{
"category": "external",
"summary": "1909266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909266"
},
{
"category": "external",
"summary": "1909269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909269"
},
{
"category": "external",
"summary": "1911502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911502"
},
{
"category": "external",
"summary": "1913871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913871"
},
{
"category": "external",
"summary": "1913872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913872"
},
{
"category": "external",
"summary": "1913874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913874"
},
{
"category": "external",
"summary": "1913926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913926"
},
{
"category": "external",
"summary": "1913927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913927"
},
{
"category": "external",
"summary": "1913931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913931"
},
{
"category": "external",
"summary": "1913933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913933"
},
{
"category": "external",
"summary": "1913934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913934"
},
{
"category": "external",
"summary": "1913937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913937"
},
{
"category": "external",
"summary": "1916633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633"
},
{
"category": "external",
"summary": "1925361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925361"
},
{
"category": "external",
"summary": "1913928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913928"
},
{
"category": "external",
"summary": "1950894",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1950894"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_1230.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.26 security and extras update",
"tracking": {
"current_release_date": "2025-02-26T02:37:25+00:00",
"generator": {
"date": "2025-02-26T02:37:25+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.3.1"
}
},
"id": "RHSA-2021:1230",
"initial_release_date": "2021-04-27T08:55:01+00:00",
"revision_history": [
{
"date": "2021-04-27T08:55:01+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-04-27T08:55:01+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-02-26T02:37:25+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"product": {
"name": "openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"product_id": "openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"product_id": "openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"product_id": "openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"product_id": "openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202104201259.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"product_id": "openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"product_id": "openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"product_id": "openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"product_id": "openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"product_id": "openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"product": {
"name": "openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"product_id": "openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"product": {
"name": "openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"product_id": "openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"product_id": "openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202104151601.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"product": {
"name": "openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"product_id": "openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-leader-elector-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"product": {
"name": "openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"product_id": "openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"product_id": "openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"product_id": "openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"product_id": "openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138?arch=s390x\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202104151245.p0"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"product": {
"name": "openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"product_id": "openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"product": {
"name": "openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"product_id": "openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ghostunnel\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"product": {
"name": "openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"product_id": "openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hadoop\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"product": {
"name": "openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"product_id": "openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-hive\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"product_id": "openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"product_id": "openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"product_id": "openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202104201259.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"product_id": "openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"product_id": "openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"product_id": "openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"product_id": "openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"product_id": "openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"product": {
"name": "openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"product_id": "openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"product": {
"name": "openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"product_id": "openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"product_id": "openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202104151601.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"product": {
"name": "openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"product_id": "openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-leader-elector-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"product": {
"name": "openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"product_id": "openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"product": {
"name": "openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"product_id": "openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-ansible-operator\u0026tag=v4.6.0-202104151601.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"product": {
"name": "openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"product_id": "openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-reporting-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"product_id": "openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"product": {
"name": "openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"product_id": "openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-metering-presto\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"product_id": "openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"product_id": "openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991?arch=amd64\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202104151245.p0"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"product": {
"name": "openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"product_id": "openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-descheduler\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"product": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"product_id": "openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-problem-detector-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"product": {
"name": "openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"product_id": "openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-logging-operator\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"product": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"product_id": "openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-nfd-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"product_id": "openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-operator\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"product": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"product_id": "openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-infiniband-cni\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"product_id": "openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-diskmaker\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"product_id": "openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"product": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"product_id": "openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-local-storage-static-provisioner\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"product": {
"name": "openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"product_id": "openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-curator5\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"product": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"product_id": "openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-elasticsearch6\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"product": {
"name": "openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"product_id": "openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-eventrouter\u0026tag=v4.6.0-202104201259.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"product": {
"name": "openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"product_id": "openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-fluentd\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"product": {
"name": "openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"product_id": "openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-logging-kibana6\u0026tag=v4.6.0-202104161407.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"product": {
"name": "openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"product_id": "openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-node-feature-discovery\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"product": {
"name": "openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"product_id": "openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ansible-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"product": {
"name": "openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"product_id": "openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-capacity\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"product": {
"name": "openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"product_id": "openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-dns-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"product": {
"name": "openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"product_id": "openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-router\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"product": {
"name": "openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"product_id": "openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-helm-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"product": {
"name": "openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"product_id": "openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-service-idler-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"product": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"product_id": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-cluster-kube-descheduler-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"product": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"product_id": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-clusterresourceoverride-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"product": {
"name": "openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"product_id": "openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-egress-http-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"product": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"product_id": "openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-elasticsearch-proxy\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"product": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"product_id": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-jenkins-agent-nodejs-10-rhel8\u0026tag=v4.6.0-202104151601.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"product": {
"name": "openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"product_id": "openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-leader-elector-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"product": {
"name": "openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"product_id": "openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"product": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"product_id": "openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-metering-helm-container-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"product": {
"name": "openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"product_id": "openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-ptp-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"product": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"product_id": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-vertical-pod-autoscaler-rhel8-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"product": {
"name": "openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"product_id": "openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-cni\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"product": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"product_id": "openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-dp-admission-controller\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"product_id": "openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-config-daemon\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"product_id": "openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-device-plugin\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"product": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"product_id": "openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-operator-must-gather\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"product_id": "openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-operator\u0026tag=v4.6.0-202104151245.p0"
}
}
},
{
"category": "product_version",
"name": "openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"product": {
"name": "openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"product_id": "openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481?arch=ppc64le\u0026repository_url=registry.redhat.io/openshift4/ose-sriov-network-webhook\u0026tag=v4.6.0-202104151245.p0"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x"
},
"product_reference": "openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le"
},
"product_reference": "openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x"
},
"product_reference": "openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le"
},
"product_reference": "openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x"
},
"product_reference": "openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x"
},
"product_reference": "openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le"
},
"product_reference": "openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64"
},
"product_reference": "openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x"
},
"product_reference": "openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64"
},
"product_reference": "openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x"
},
"product_reference": "openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le"
},
"product_reference": "openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x"
},
"product_reference": "openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64"
},
"product_reference": "openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le"
},
"product_reference": "openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64"
},
"product_reference": "openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x"
},
"product_reference": "openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64"
},
"product_reference": "openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le"
},
"product_reference": "openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le"
},
"product_reference": "openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x"
},
"product_reference": "openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le"
},
"product_reference": "openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64"
},
"product_reference": "openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x"
},
"product_reference": "openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x"
},
"product_reference": "openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x"
},
"product_reference": "openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le"
},
"product_reference": "openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
},
"product_reference": "openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x"
},
"product_reference": "openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x"
},
"product_reference": "openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64"
},
"product_reference": "openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64"
},
"product_reference": "openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64"
},
"product_reference": "openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x"
},
"product_reference": "openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64"
},
"product_reference": "openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64"
},
"product_reference": "openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64"
},
"product_reference": "openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x"
},
"product_reference": "openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x"
},
"product_reference": "openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le"
},
"product_reference": "openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x"
},
"product_reference": "openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64"
},
"product_reference": "openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le"
},
"product_reference": "openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64"
},
"product_reference": "openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x"
},
"product_reference": "openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64"
},
"product_reference": "openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64"
},
"product_reference": "openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x"
},
"product_reference": "openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x"
},
"product_reference": "openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le"
},
"product_reference": "openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64"
},
"product_reference": "openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
},
"product_reference": "openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-14718",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666415"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using slf4j classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in slf4j-ext class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "This vulnerability in jackson-databind involves exploiting CVE-2018-1088 against slf4j, which was fixed in Red Hat products through the errata referenced at https://access.redhat.com/security/cve/cve-2018-8088. Applications that link only slf4j versions including that fix are not vulnerable to this vulnerability.\n\nRed Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle slf4j-ext jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14718"
},
{
"category": "external",
"summary": "RHBZ#1666415",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666415"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14718",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14718"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14718"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in slf4j-ext class"
},
{
"cve": "CVE-2018-14719",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666418"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using blaze classes. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products are not affected by this issue as they do not bundle or provide the requisite gadget jars to exploit this vulnerability:\nRed Hat Satellite 6\nRed Hat Enterprise Virtualization 4\nRed Hat Fuse 6, 7, and Fuse Integration Services 2\nRed Hat A-MQ 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14719"
},
{
"category": "external",
"summary": "RHBZ#1666418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14719",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14719"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14719"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: arbitrary code execution in blaze-ds-opt and blaze-ds-core classes"
},
{
"cve": "CVE-2018-14720",
"cwe": {
"id": "CWE-611",
"name": "Improper Restriction of XML External Entity Reference"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666423"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: exfiltration/XXE in some JDK classes",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.\n\nRed Hat Enterprise Virtualization 4 is not affected by this issue, since its only supported Java runtime (openJDK) doesn\u0027t bundle the com.sun.deploy.security.ruleset.DRSHelper class.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14720"
},
{
"category": "external",
"summary": "RHBZ#1666423",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666423"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14720",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14720"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible \n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: exfiltration/XXE in some JDK classes"
},
{
"cve": "CVE-2018-14721",
"cwe": {
"id": "CWE-352",
"name": "Cross-Site Request Forgery (CSRF)"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666428"
}
],
"notes": [
{
"category": "description",
"text": "FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle axis2-jaxws jar.\n\nRed Hat Virtualization is not affected by this issue, since its does not bundle axis2-jaxws jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-14721"
},
{
"category": "external",
"summary": "RHBZ#1666428",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666428"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-14721",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-14721"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14721"
}
],
"release_date": "2018-07-27T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: server-side request forgery (SSRF) in axis2-jaxws class"
},
{
"cve": "CVE-2018-19360",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666482"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the axis2-transport-jms class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t include axis2-transport-jms jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since it does not include axis2-transport-jms jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19360"
},
{
"category": "external",
"summary": "RHBZ#1666482",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666482"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19360",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19360"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19360"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in axis2-transport-jms class"
},
{
"cve": "CVE-2018-19361",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666484"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the OpenJPA class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in openjpa class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle openjpa jar.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19361"
},
{
"category": "external",
"summary": "RHBZ#1666484",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666484"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19361",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19361"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19361"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in openjpa class"
},
{
"cve": "CVE-2018-19362",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-01-02T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1666489"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in jackson-databind, where it would permit polymorphic deserialization of a malicious object using the jboss-common-core class. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: improper polymorphic deserialization in jboss-common-core class",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Red Hat Satellite 6 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.\n\nRed Hat Virtualization 4 is not affected by this issue, since its candlepin component doesn\u0027t bundle jboss-common-core jar.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-19362"
},
{
"category": "external",
"summary": "RHBZ#1666489",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1666489"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-19362",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19362"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-19362"
}
],
"release_date": "2018-11-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: improper polymorphic deserialization in jboss-common-core class"
},
{
"cve": "CVE-2019-14379",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2019-07-29T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1737517"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was discovered in FasterXML jackson-databind, where it would permit polymorphic deserialization of malicious objects using the ehcache and logback JNDI gadgets when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: default typing mishandling leading to remote code execution",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "While OpenShift Container Platform\u0027s elasticsearch plugins do ship the vulnerable component, it doesn\u0027t do any of the unsafe things described in https://access.redhat.com/solutions/3279231. We may update the jackson-databind dependency in a future release.\n\nSimilarly, Satellite 6 does not enable polymorphic unmarshmalling, which is a required configuration for the vulnerability to be used. We may update the jackson-databind dependency in a future release.\n\nRed Hat OpenStack Platform ships OpenDaylight, which contains the vulnerable jackson-databind. However, OpenDaylight does not expose jackson-databind in a way that would make it vulnerable, lowering the impact of the vulnerability for OpenDaylight. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-14379"
},
{
"category": "external",
"summary": "RHBZ#1737517",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1737517"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-14379",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-14379"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-14379"
}
],
"release_date": "2019-07-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "jackson-databind: default typing mishandling leading to remote code execution"
},
{
"cve": "CVE-2020-24750",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-09-18T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1882310"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind 2.x in versions prior to 2.9.10.6. The interaction between serialization gadgets and typing is mishandled. The highest threat from this vulnerability is to data confidentiality and system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* OpenShift Container Platform\nThese products may update the jackson-databind dependency in a future release.\n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-24750"
},
{
"category": "external",
"summary": "RHBZ#1882310",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1882310"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-24750",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24750"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-24750",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-24750"
}
],
"release_date": "2020-09-18T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid com.pastdev.httpcomponents in the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: Serialization gadgets in com.pastdev.httpcomponents.configuration.JndiConfiguration"
},
{
"cve": "CVE-2020-35490",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1909266"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update.\n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35490"
},
{
"category": "external",
"summary": "RHBZ#1909266",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909266"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35490",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35490"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35490",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35490"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2986",
"url": "https://github.com/FasterXML/jackson-databind/issues/2986"
}
],
"release_date": "2020-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-35491",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1909269"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35491"
},
{
"category": "external",
"summary": "RHBZ#1909269",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1909269"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35491",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35491"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35491",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35491"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2986",
"url": "https://github.com/FasterXML/jackson-databind/issues/2986"
}
],
"release_date": "2020-12-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid org.apache.commons.dbcp2.datasources.PerUserPoolDataSource and org.apache.commons.dbcp2.datasources.SharedPoolDataSource in the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-35728",
"cwe": {
"id": "CWE-96",
"name": "Improper Neutralization of Directives in Statically Saved Code (\u0027Static Code Injection\u0027)"
},
"discovery_date": "2020-12-27T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1911502"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat Products ship jackson-databind version 2.10.0 or later which is not considered affected by this CVE (see https://medium.com/@cowtowncoder/jackson-2-10-safe-default-typing-2d018f0ce2ba) \n* JBoss Data Grid 7\n* JBoss Data Grid 8\n* Enterprise Application Platform 7\n* Red Hat Decision Manager 7\n* Red Hat Process Automation Manager 7\n* Red Hat Single Sign-On (RH-SSO) 7\n* Red Hat JBoss Fuse 7\n* Red Hat JBoss A-MQ\n* Red Hat Enterprise Linux 8\n* Red Hat Satellite 6.6\n* Red Hat Satellite 6.7\n* Red Hat Satellite 6.8\n* Red Hat CodeReady Studio 12\n\nRed Hat OpenShift Container Platform and Red Hat OpenStack Platform does ship the vulnerable components, but does not enable the unsafe conditions needed to exploit, lowering their vulnerability impact.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and may be fixed in a future update.\n\nRed Hat OpenStack Platform 13 ships OpenDaylight, which contains the vulnerable jackson-databind, but does not expose jackson-databind in a way that would make it exploitable. As such, Red Hat will not be providing a fix for OpenDaylight at this time.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-35728"
},
{
"category": "external",
"summary": "RHBZ#1911502",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1911502"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-35728",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-35728"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-35728",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-35728"
},
{
"category": "external",
"summary": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062",
"url": "https://cowtowncoder.medium.com/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2999",
"url": "https://github.com/FasterXML/jackson-databind/issues/2999"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool in the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.oracle.wls.shaded.org.apache.xalan.lib.sql.JNDIConnectionPool"
},
{
"cve": "CVE-2020-36179",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913871"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36179"
},
{
"category": "external",
"summary": "RHBZ#1913871",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913871"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36179",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36179"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36179"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36180",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913872"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36180"
},
{
"category": "external",
"summary": "RHBZ#1913872",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913872"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36180",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36180"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36180",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36180"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36181",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913874"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but does not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36181"
},
{
"category": "external",
"summary": "RHBZ#1913874",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913874"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36181",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36181"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36181",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36181"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36182",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913926"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36182"
},
{
"category": "external",
"summary": "RHBZ#1913926",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913926"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36182",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36182"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36182",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36182"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3004",
"url": "https://github.com/FasterXML/jackson-databind/issues/3004"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS"
},
{
"cve": "CVE-2020-36183",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913927"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36183"
},
{
"category": "external",
"summary": "RHBZ#1913927",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913927"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36183",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36183"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36183",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36183"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/3003",
"url": "https://github.com/FasterXML/jackson-databind/issues/3003"
}
],
"release_date": "2020-12-31T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool"
},
{
"cve": "CVE-2020-36184",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913928"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36184"
},
{
"category": "external",
"summary": "RHBZ#1913928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913928"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36184",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36184"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36184",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36184"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2998",
"url": "https://github.com/FasterXML/jackson-databind/issues/2998"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-36185",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913929"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36185"
},
{
"category": "external",
"summary": "RHBZ#1913929",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913929"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36185",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36185"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36185",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36185"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2998",
"url": "https://github.com/FasterXML/jackson-databind/issues/2998"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-36186",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913931"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contain the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36186"
},
{
"category": "external",
"summary": "RHBZ#1913931",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913931"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36186",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36186"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36186",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36186"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2997",
"url": "https://github.com/FasterXML/jackson-databind/issues/2997"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource"
},
{
"cve": "CVE-2020-36187",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913933"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contain the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36187"
},
{
"category": "external",
"summary": "RHBZ#1913933",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913933"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36187",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36187"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36187",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36187"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2997",
"url": "https://github.com/FasterXML/jackson-databind/issues/2997"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource"
},
{
"cve": "CVE-2020-36188",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913934"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, hence it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but they do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36188"
},
{
"category": "external",
"summary": "RHBZ#1913934",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913934"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36188",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36188"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36188",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36188"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2996",
"url": "https://github.com/FasterXML/jackson-databind/issues/2996"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource"
},
{
"cve": "CVE-2020-36189",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2021-01-06T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1913937"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and maybe fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-36189"
},
{
"category": "external",
"summary": "RHBZ#1913937",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1913937"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-36189",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-36189"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-36189",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-36189"
},
{
"category": "external",
"summary": "https://github.com/FasterXML/jackson-databind/issues/2996",
"url": "https://github.com/FasterXML/jackson-databind/issues/2996"
}
],
"release_date": "2020-12-23T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid: oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS, org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS, org.docx4j.org.apache.xalan.lib.sql.JNDIConnectionPool, org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource, org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource, com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource, com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource\nin the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.DriverManagerConnectionSource"
},
{
"cve": "CVE-2021-20190",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2020-01-04T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1916633"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in jackson-databind. FasterXML mishandles the interaction between serialization gadgets and typing. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "The following Red Hat products do ship the vulnerable component, but do not enable the unsafe conditions needed to exploit, lowering their vulnerability impact:\n* JBoss Data Grid 7\n* Business Process Management Suite 6\n* Business Rules Management Suite 6\n* JBoss Data Virtualization 6\n* Red Hat Fuse Service Works 6\n* Red Hat OpenStack Platform\n* Red Hat OpenShift containers: ose-metering-hadoop, ose-metering-hive, ose-logging-elasticsearch5, ose-logging-elasticsearch6 \nThese products may update the jackson-databind dependency in a future release.\n\nIn Red Hat Openshift 4 there are no plans to maintain the ose-logging-elasticsearch5 container, therefore it has been marked wontfix at this time and may be fixed in a future update. \n\nThe following Red Hat products ship OpenDaylight, which contains the vulnerable jackson-databind, but do not expose jackson-databind in a way that would make it exploitable:\n* Red Hat OpenStack Platform 13\nAs such, Red Hat will not be providing a fix for OpenDaylight at this time.\n\nThe following Red Hat products are not affected by this flaw because they use a more recent version of jackson-databind that does not contain the vulnerable code:\n* CodeReady Studio 12.16.0\n* CodeReady WorkSpaces Server Container\n* Red Hat Enterprise Linux 8\n* Red Hat Enterprise Virtualization\n* Red Hat Satellite 6\n* Red Hat OpenShift container: ose-metering-presto",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"known_not_affected": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2021-20190"
},
{
"category": "external",
"summary": "RHBZ#1916633",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1916633"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2021-20190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20190"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2021-20190"
},
{
"category": "external",
"summary": "https://github.com/advisories/GHSA-5949-rw7g-wx7w",
"url": "https://github.com/advisories/GHSA-5949-rw7g-wx7w"
}
],
"release_date": "2021-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-04-27T08:55:01+00:00",
"details": "This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.26. See the following advisory for the container images for\nthis release:\n\nhttps://access.redhat.com/errata/RHBA-2021:1232\n\nAll OpenShift Container Platform 4.6 users are advised to upgrade to these updated packages and images when they are available in the appropriate release channel. To check for available updates, use the OpenShift Console or the CLI oc command. Instructions for upgrading a cluster are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-between-minor.html#understanding-upgrade-channels_updating-cluster-between-minor\n\nFor OpenShift Container Platform 4.6 see the following documentation, which will be updated shortly for this release, for important instructions on how to upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:1230"
},
{
"category": "workaround",
"details": "The following conditions are needed for an exploit, we recommend avoiding all if possible:\n* Deserialization from sources you do not control\n* `enableDefaultTyping()`\n* `@JsonTypeInfo using `id.CLASS` or `id.MINIMAL_CLASS`\n* avoid javax.swing in the classpath",
"product_ids": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:1bdf5505b33880666b5e98af98e2237702b7ba879684844cd0c867a6a4535752_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:a065f31ff3d4583d5346dacfdb82fc1676ebc6a66c8ab6f91b5317b20bee2922_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ansible-operator@sha256:e08c21810d029d1c44468e63a51da715540620b942bb258b4d46f266ba11adf2_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:757a8fc6c74fb58ee8e4342e0a01b6613b0db4bc5358f7a3bd7648357c1d2d2f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:7c0735d650dbcd648c34decf07468a211a486a154353826e2d21c507bd9e09b1_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-capacity@sha256:a356b236981577ff562886ac80bbc94d5b3177b31a01e12a709fa8706f3a0bef_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:085a4280161e972baf1c7117f5f3c2f85ec5f7a02aece451977cc0d40970e02c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:aee746eaf43c085f305c81ad840e9e93b93ae4c8d4f7d399104fa823a5854494_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-kube-descheduler-rhel8-operator@sha256:f5abc71afc0108cc68d115f088da4a0f409c569b29af250da3071d2b09246c1a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:56785d26ee764d5845daa0a40ed166d90899df92eda0a571244990a0198f90fb_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:6ac5fdc243dd9c9f394409b019c3e3f223f3a8988e92449722267a4ede3f71e5_s390x",
"8Base-RHOSE-4.6:openshift4/ose-cluster-logging-operator@sha256:b649cce6850bf161b93a5f6e46b160c5dd1f953b5c6b86962812a3d68c288c84_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:3a8dd6b9d8ba07b7a7465624097ae5f96cb418b7eaf4d7f20d67051eb43f24c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:44261c4897b6cb25e540a29d9a7e0255e09077897349f253a341c2a62bc40b57_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-cluster-nfd-operator@sha256:70c6f5a0b4024fb47ea18454d79a550cd3bef22371954dbfa88996c56bc54fbc_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:36810ff04906b074fe509d744b121c05c58e7b3065cad7e6c31c61cb5e5bf827_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:ca1d1b3e37ba0902750b55aabc3243699ab700d4808bf7da0d409b6ab536f5be_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8-operator@sha256:f93a04e4d827f2a403ec5cf42883b39eeca85bc836793c22ec8e85f6b6655d7f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3e58d28b4ff0eea028d80f10d182e0d131105215e47ba2460d7d387fc3589fb1_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:3f90d6cc032e068c41fa90abe60a39bea595a77c07c6b6fe1e5bbe26142d1d66_amd64",
"8Base-RHOSE-4.6:openshift4/ose-clusterresourceoverride-rhel8@sha256:e03bbf11d2142e7d8090993de9934fc13fee4c583e0d05079c8b7550d7fe7bff_s390x",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:4d73f8db16aac6881680b4c7ee49449f2cc9a79d536ce6ffda4621abb45f2bdb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:8b069b2c625c6c8281bdbd7e957f48d0e1407c9087a9277cf2c176daf4564c25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-descheduler@sha256:ce14ed3c5e3a6b5ccf42feea4d5895150586d12e30ed42496809cc94ea7fabb6_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:515d077af11b0769686a97d6796a115c4a177d1986da9f584a1e3a3c0e9584f6_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:6a090568a5cf1d9fa225e67f37b0e11243764f35c922b1fcc3a62cdbe83c56d7_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-dns-proxy@sha256:e5cc34ca2bc012691523e0cc7b42a7e17c39e5361c62df0ef3a39a9031417d34_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:3399a5fd27c1b7648876c595601ba14a98cb5c3d0a949e41900e4cbe8f0da3c3_amd64",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:654d2f58de1b46a7562230227f5eab0613f4fd51ffa783edb7decc858dfd656f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-http-proxy@sha256:7d4cb10f88df3911cd701a201348cb21c071a22af346a54a924d3eaa41bc107d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:a12fc7f1d200e940461b7106842e7ad7ce5fcaee55ee5beab682f071084533fb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:dca8ab53f80bc9d747972375df8a755d3f83bbadb7f6347197a378244349e79a_s390x",
"8Base-RHOSE-4.6:openshift4/ose-egress-router@sha256:efd14fb77f38de3da3e58409d53a752c031263d016968c5754c9d8278500507a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:1ad4acfbb39b1b47d1ee7e767af27978676ee36a68ed29fe97d3c4b687945e20_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:5c312b851727c3147f17e4fd338338c048b376fe8292faba78e8438d24fd5a65_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-operator@sha256:a7abe377cef9fa7a7de502ee8ff0e65f95498b767e70dad6f019e692d90d2669_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:5409839ffacc3dbb6c298e74cc87ff26204739c1a479ee4d91fe5d8ef6067d0d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:a5147e29b0eb6dab75e73157d251d36d79d4dfb39597e8328e8278bdc9b1c861_amd64",
"8Base-RHOSE-4.6:openshift4/ose-elasticsearch-proxy@sha256:b3467f3aad92908ec40fe7629ded3fcd988532a290559c0eed336334329a2d6f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ghostunnel@sha256:b13706a50a922bef15e92aca6a12defb0279e87cba0935ce1a67f16aa990cd80_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:08cda24e19694136030db6789321427e3a968ed50ec3d9bcca4faeac751ff4de_s390x",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:6a69ed6850e1490476a3ea2ec9aaf82b8e0894a2adbcfb69f97a5a627b20b7b0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-helm-operator@sha256:ae32f068111571934ef138a0b22aa48f78dca77d341bed79493bb90dfe33c647_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:6ff45bdab177dcdd1c0d1c4a0565bc3c26abc0f293cab100f293cc6d56cd6b9d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:a976c7c292f57e51ccb5d5bc1cec517ac4943e6e359c0b5f641c15c7e810613f_amd64",
"8Base-RHOSE-4.6:openshift4/ose-jenkins-agent-nodejs-10-rhel8@sha256:ac528fb371439b930e85f14596c9b2b9bb444c1d239a76f8b85d77154221e9bf_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:042b975cc17845ec8401cb1c0e238b93b9848fdaa70f8fd0223bb3502045275c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:05f814322fd10d44f5a55349dffdd8799405548d7e22eef8684ac1fd5f29e520_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-leader-elector-rhel8@sha256:f6bf928d08e987dab59e0725d35a3a381606a43fd859968fd58c025c82459a53_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:02284a2cc9dda7f6dedb9639b9a9eb9aedb1db9bcd0f01ee4783148feb8c05b9_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:75aa707a412f8b5831d3c4582b50d904c663e68d9518e804ae316394fbbb4659_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-diskmaker@sha256:d38d452640972e9be7eda63dd5cf72905d8d0b6dd58bc2b33a24390ff80d642c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:80e14ac7ed9872072360b5ce69038a42715ff206f784a320849b37382ce99a58_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:b7b60a5e88ae9a175e6bdf17b5bcae36869d66f11e3d885410d833b5d9beda49_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-operator@sha256:d0c6e09c52fd11ddd1f21e50166235be92a1c3372363e21e46bfbbe0ddcf3c28_s390x",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:50e877f4960850233e6599b08f60d8e906a55304fb1bf48117314415eeae207c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:7ce7f03282fe08e8e81f8ac6ebcc1c28f11413b5b010c662015047ef06a3afa2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-local-storage-static-provisioner@sha256:fa1818b5b30a2e01a437776132d84b755f0874a6057b54168bd4a4394ff56fae_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:0ab8cee837a9d3b8d9755a2c263abee7f24d3c75fa167603f1abf766c9773a07_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:78ba74c7df36e8e93706cfafbc359791fa248d80d7f042ce5a9a6f3512a4db57_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-curator5@sha256:c6b29177495d738d050dd2068a912230d6047418c3bce7400122e7b357d6961b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:1e76b161ee4766eb802a32dfed7a4cf2ef88fb0651cbb1774439d8ff5beb3abf_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:c9f00c6294be703c1fc2f69c3a5bf877fafdd0115f2b1478d684651994c090b4_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-elasticsearch6@sha256:e6b2a3913f4cb7413b1bdadff0912ca9e35ee47ed6da7c07a4bfdde88e3af257_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:304643c6dd114296767299e9c9137b971531ac7d3b5c878b4ee58e4b0fa6e0f7_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:37a37378b9057f79d8cdd811170915d039412242789164f67d44dd5bf572b97a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-eventrouter@sha256:ffd51d07eda4cc9ce64d814ef3084cdee943cbf42c84851731961766bd1bc029_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:49f7c6b1c3a24a42fbaa761cc5003e7f6402a2413679100ab9050897349641b4_amd64",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:56f47b1069a1bd851f042e51e5a8927682dcd6035666f207b466366bdf165197_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-fluentd@sha256:bb1b69978de71d2bf2dc3d331e46b85e31cf02d677ec43ebf69124e8106960db_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:249d582984f1b707af646e720d8d781d6bbf27f93e48b97f6f7611224b554d2b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:6f1e9ae360bc838a5c35a83d1053ca998c12dbffc67680a11cc0d83012d0a37c_s390x",
"8Base-RHOSE-4.6:openshift4/ose-logging-kibana6@sha256:bfb0ca212cfa49a4c810a1259129b10ea1fff0c1b4e75007b295c9033fe15f69_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-ansible-operator@sha256:da5c6bd0ae0f0d79d160dfd3f5e2742f35d7847c832814077546e93865836b96_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-hadoop@sha256:faeea3b7ed8da083b5f7664a9a34aec46997fc7baa80f2008594f343db179148_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:2c7ae009af86100937e973ed1a26ac8d1db41f6c6b7183763a89b934fb6b0913_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:31f9bde9a154b412dd23c03bd86e2bcd061b78de216c95b4042a322f5eb64c02_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-helm-container-rhel8@sha256:ac8512ae42adb14d219ea98bf3020edd27eed755f3bf08e0bfed7dd32431c381_s390x",
"8Base-RHOSE-4.6:openshift4/ose-metering-hive@sha256:b9eee2133d8ff69c1fd3fb3f8a7ee72552acc252d7f3ab923efac99a434e0f31_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-presto@sha256:50e94f1ac582febf4079692b9976bdc3c3f321ce2769683c82f3dc34005c5eba_amd64",
"8Base-RHOSE-4.6:openshift4/ose-metering-reporting-operator@sha256:669ce13592f3fd0072efa2a41b4d64377d2c251b8504a81aea06957e87e99e54_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:8bf45ae929309726b54fdd77ae7c185a5feaa0ffc5ed047d89ebef94670ccc33_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:a6fd5a2fb8cce9cc4ce8a4af247988c743a56cdaed0ee64479592f243f5b7e71_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-feature-discovery@sha256:ca3599f758489397d4084d6d173df9276f085fdcd477bb8ea94ff86ba104a494_s390x",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:5e1dcd44213b8f5c3880ec48196411c940ec6081bcc03d3266606a18f943daf2_amd64",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:760b502ef140b58c561bf214a1f4d741607a70a7769698cd5b7d53d5147eff3a_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-node-problem-detector-rhel8@sha256:f9e602126fd16d7a3238c21f0b9686552c7fb4317ad3992af9ab0fdf584a57eb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:228f2db298ffcf59b31b4bfdbe453a12d6a3ba7e5d5c73bb59b9f07e1c2c2b6b_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:24316f0f7fe027e79f22a70e4b9e3c9e59c00797e294479fc1e6467b8c25d6f0_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp-operator@sha256:36be231e5880803af44ebdb1961e09d02c70dde9fb0451e4fd0fd02179f64df3_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:1a8909d642b2d50377c9dcaaf002910cc06f1d63caf9974649b245313412119f_s390x",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:82c0a0feaea44b06965173cddd5855b226b86e93efa381fbc47b3a39ca89bd4a_amd64",
"8Base-RHOSE-4.6:openshift4/ose-ptp@sha256:ecae2687ff6331ce13a2b4284a2bf255e3c5d189f7a5f43ea592194baaed7f14_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:23eb91e03d61a80356f5d565cf278efd81c988803b064b7b1d764a3d711f110d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:6661e36e02108e365a0d753666497dcfb7cdc36a9be79668431d5c7349f4953d_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-service-idler-rhel8@sha256:c480428f630fc2b3f63f58d81e130c60cd19fd339c6ae42aca56f25753edba03_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:64bd62efe56d6cb37306b5826a9c9c9571a0c7847405915e3f91abf96986a658_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:a5958940d84fd1e6df3b6d751f5b7872b4e00e69aba6d7dff371ab399c4789a2_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-cni@sha256:e42537341cae4334358aa4eb42ad4178e3a8cce31edd1db2c7a4213bd5068e37_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:15a317aa3f2f95a53987d392c7d75a91bfc463430987ff16f0b5524caa6adcfa_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:7e692a1bc16d7e7af6e24f1a50404a5675349dbf65cc55062d9b6441f2c4a297_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-dp-admission-controller@sha256:85ae9a6bf8ea721b74562a233e20c247ca45e753f5a5791cee65baed4dca4795_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:1a96bd0cbaf6c6430f536194e88f759453c788df9efa74777ebaba9be246a412_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:68e6f203ca6af18626c70a9814c62002d15096a309cecfb76ec3db6a75fb85cb_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-infiniband-cni@sha256:cc01feddc8c34993e9f77bfba0d01a2c3fc19967b5715e3797cb67046f8e526d_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:3c338f2cd2e864f9a735964ba0c6d999eca0f0b53e4046cffd41a86b2841f160_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:b9842f153e49120c9a45fae9672218fb31736927c61fbed8eab5fc7b3ed46e24_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-config-daemon@sha256:d2d43d08cdec41fc8acb00db726fdfcf121f48ba16e9201fc79652a7065d9c2e_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:4480925a79945775f5e628e38e1d45ab6c47e31712a6036ce5b8fc1de8c46f92_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:a6728c67b2f285c5e76a196e1cd75d35b8c156db38a02c810e128fdf55918745_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-device-plugin@sha256:c4672d079b33ec68db2f2f09c62de4051b1be52272b5f324ba9addf4a5c1d0af_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2080923bae6822d1c0e42373834250132ee598c9a374ff4d62e1d4913026c529_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:2853cfd3e94434c0ae8e171b493c3650bb5ef4407cdc3c2bbeda59fb04e2b39f_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-operator@sha256:396e8a0e89eb5e2f714594cb1856b4d3e0da9340543d2df0bc781614e93d83bb_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:2e98c45219cf1511fc900d34783ed6059eb516667c03a5f7a922c1c3c2a52138_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:866d9eee7f0cbb32fb195045cb60086b4a66e6bc3212f3df1692cfb27208f991_amd64",
"8Base-RHOSE-4.6:openshift4/ose-sriov-network-webhook@sha256:cc5dd5b8b07171678c885a3828b344538fcb1b4f2ba36bfda4d74fa41033f481_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:5b7a05000ecccc64784c4b54457dc34dbcbb73a59201ee0f9f4470f46a8a2a9c_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:805960ecffddc4007436d2de56fe8b10c1cc91896702b02a031e11fa0f40450d_s390x",
"8Base-RHOSE-4.6:openshift4/ose-sriov-operator-must-gather@sha256:91d3d9efe82d4b95540988656a2dd0e52cce4bf4e16829c6bc3ced02034a6b25_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:7a22ffaadeaf537f08d6aded2cd1f0d7542076367e1bd0e88ecd87c31a51470b_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f4bd5ef6d43b2c28d678ba8e5b42dfcca3c098a95be95dc30f8217be7b507f15_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8-operator@sha256:f94f023c41d7798e78d899fa7008fb385b3e77433724c0f8d2a19f1c9e51fe43_amd64",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:10a588249d3c697640fc87278a3add04b8c7d414b1f296ad28a953a033b70fcd_ppc64le",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:7cc38480d17b2c226f33cdfc1d51871249180f29bd6d6a5036c197fd9ed0d993_s390x",
"8Base-RHOSE-4.6:openshift4/ose-vertical-pod-autoscaler-rhel8@sha256:f75e5c5c27fbc8c41706f7f9c25030c1dd970a7a4441e7faeeab01e7f0aaf250_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jackson-databind: mishandles the interaction between serialization gadgets and typing, related to javax.swing"
}
]
}
gsd-2018-14720
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-14720",
"description": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"id": "GSD-2018-14720",
"references": [
"https://www.debian.org/security/2019/dsa-4452",
"https://access.redhat.com/errata/RHSA-2021:1515",
"https://access.redhat.com/errata/RHSA-2021:1230",
"https://access.redhat.com/errata/RHSA-2020:2564",
"https://access.redhat.com/errata/RHSA-2019:4037",
"https://access.redhat.com/errata/RHSA-2019:3892",
"https://access.redhat.com/errata/RHSA-2019:3149",
"https://access.redhat.com/errata/RHSA-2019:2858",
"https://access.redhat.com/errata/RHSA-2019:1823",
"https://access.redhat.com/errata/RHSA-2019:1822",
"https://access.redhat.com/errata/RHSA-2019:1140",
"https://access.redhat.com/errata/RHSA-2019:1108",
"https://access.redhat.com/errata/RHSA-2019:1107",
"https://access.redhat.com/errata/RHSA-2019:1106",
"https://access.redhat.com/errata/RHSA-2019:0782",
"https://ubuntu.com/security/CVE-2018-14720"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-14720"
],
"details": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"id": "GSD-2018-14720",
"modified": "2023-12-13T01:22:38.165398Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14720",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
"refsource": "CONFIRM",
"url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44"
},
{
"name": "https://github.com/FasterXML/jackson-databind/issues/2097",
"refsource": "CONFIRM",
"url": "https://github.com/FasterXML/jackson-databind/issues/2097"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
"refsource": "CONFIRM",
"url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7"
},
{
"name": "[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update",
"refsource": "MLIST",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Assigned] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E"
},
{
"name": "RHSA-2019:0782",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"name": "RHBA-2019:0959",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHBA-2019:0959"
},
{
"name": "RHSA-2019:1107",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"name": "RHSA-2019:1108",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"name": "RHSA-2019:1106",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"name": "RHSA-2019:1140",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"name": "DSA-4452",
"refsource": "DEBIAN",
"url": "https://www.debian.org/security/2019/dsa-4452"
},
{
"name": "20190527 [SECURITY] [DSA 4452-1] jackson-databind security update",
"refsource": "BUGTRAQ",
"url": "https://seclists.org/bugtraq/2019/May/68"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190530-0003/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20190530-0003/"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "RHSA-2019:1822",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"name": "RHSA-2019:1823",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"name": "RHSA-2019:2858",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3149",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3892",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"name": "RHSA-2019:4037",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"refsource": "MLIST",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "[2.6.0,2.6.7.2),[2.7.0,2.9.7)",
"affected_versions": "All versions starting from 2.6.0 before 2.6.7.2, all versions starting from 2.7.0 before 2.9.7",
"cvss_v2": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"cwe_ids": [
"CWE-1035",
"CWE-502",
"CWE-611",
"CWE-937"
],
"date": "2019-09-27",
"description": "FasterXML jackson-databind might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"fixed_versions": [
"2.6.7.2",
"2.9.7"
],
"identifier": "CVE-2018-14720",
"identifiers": [
"CVE-2018-14720"
],
"not_impacted": "All versions before 2.6.0, all versions starting from 2.6.7.2 before 2.7.0, all versions starting from 2.9.7",
"package_slug": "maven/com.fasterxml.jackson.core/jackson-databind",
"pubdate": "2019-01-02",
"solution": "Upgrade to versions 2.6.7.2, 2.9.7 or above.",
"title": "Improper Restriction of XML External Entity Reference",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2018-14720",
"https://github.com/FasterXML/jackson-databind/issues/2097"
],
"uuid": "d6655adf-d79b-42d5-bb2f-04c030a5eeef"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.6.7.2",
"versionStartIncluding": "2.6.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.7.9.5",
"versionStartIncluding": "2.7.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.9.0:pr4:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.8.11.3",
"versionStartIncluding": "2.8.0",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.7.0:rc3:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:2.8.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:fasterxml:jackson-databind:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.9.7",
"versionStartIncluding": "2.9.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.5.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.6.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:banking_platform:2.6.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:16.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:16.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "17.12",
"versionStartIncluding": "17.1",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:primavera_unifier:18.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.4:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdeveloper:12.1.3.0.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_merchandising_system:16.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:communications_billing_and_revenue_management:12.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_for_virtualization:13.2.3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:financial_services_analytical_applications_infrastructure:8.0.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdeveloper:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:retail_merchandising_system:15.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:webcenter_portal:12.2.1.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:jboss_enterprise_application_platform:7.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-14720"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-611"
},
{
"lang": "en",
"value": "CWE-502"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/FasterXML/jackson-databind/issues/2097",
"refsource": "CONFIRM",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FasterXML/jackson-databind/issues/2097"
},
{
"name": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44"
},
{
"name": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Release Notes",
"Third Party Advisory"
],
"url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html",
"refsource": "CONFIRM",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"name": "[debian-lts-announce] 20190304 [SECURITY] [DLA 1703-1] jackson-databind security update",
"refsource": "MLIST",
"tags": [
"Third Party Advisory"
],
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[lucene-dev] 20190325 [jira] [Assigned] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E"
},
{
"name": "[pulsar-commits] 20190416 [GitHub] [pulsar] one70six opened a new issue #4057: Security Vulnerabilities - Black Duck Scan - Pulsar v.2.3.1",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
},
{
"name": "[lucene-dev] 20190325 [jira] [Updated] (SOLR-13112) CVE-2018-14718(-14719),sonatype-2017-0312, CVE-2018-14720(-14721) Threat Level 8 Against Solr v7.6. com.fasterxml.jackson.core : jackson-databind : 2.9.6. FasterXML jackson-databind 2.x before 2.9.7 Remote Hackers...",
"refsource": "MLIST",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E"
},
{
"name": "RHSA-2019:0782",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"name": "RHBA-2019:0959",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHBA-2019:0959"
},
{
"name": "RHSA-2019:1108",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"name": "RHSA-2019:1107",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"name": "RHSA-2019:1106",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"name": "RHSA-2019:1140",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"name": "DSA-4452",
"refsource": "DEBIAN",
"tags": [
"Third Party Advisory"
],
"url": "https://www.debian.org/security/2019/dsa-4452"
},
{
"name": "20190527 [SECURITY] [DSA 4452-1] jackson-databind security update",
"refsource": "BUGTRAQ",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://seclists.org/bugtraq/2019/May/68"
},
{
"name": "https://security.netapp.com/advisory/ntap-20190530-0003/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20190530-0003/"
},
{
"name": "RHSA-2019:1823",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"name": "RHSA-2019:1822",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
"refsource": "MISC",
"tags": [
"Patch",
"Third Party Advisory"
],
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"name": "RHSA-2019:2858",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"name": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
"refsource": "MISC",
"tags": [],
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"name": "[drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3149",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"name": "[drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"name": "[drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"name": "RHSA-2019:3892",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"name": "RHSA-2019:4037",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"name": "N/A",
"refsource": "N/A",
"tags": [],
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"name": "[geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2020-08-31T14:15Z",
"publishedDate": "2019-01-02T18:29Z"
}
}
}
wid-sec-w-2024-1682
Vulnerability from csaf_certbund
Published
2019-04-16 22:00
Modified
2024-07-21 22:00
Summary
Oracle Retail Applications: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Oracle Retail Allocation ist ein Verwaltungswerkzeug.
Oracle MICROS bietet eine Reihe von Software, Hardware und Dienstleistungen zusammen mit schnell wachsenden Cloud Lösungen für Abrechnung und Verwaltung in Unternehmen des Hotel- und Gaststättengewerbes, Reiseveranstalter und Veranstaltern von Kreuzfahrten sowie in Unternehmen der Freizeit- und Unterhaltungsbranche.
Oracle Invoice Matching ist ein Tool zum Verwalten von Lieferantenrechnungen.
Angriff
Ein Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um dadurch die Integrität, Vertraulichkeit und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Oracle Retail Allocation ist ein Verwaltungswerkzeug.\r\nOracle MICROS bietet eine Reihe von Software, Hardware und Dienstleistungen zusammen mit schnell wachsenden Cloud L\u00f6sungen f\u00fcr Abrechnung und Verwaltung in Unternehmen des Hotel- und Gastst\u00e4ttengewerbes, Reiseveranstalter und Veranstaltern von Kreuzfahrten sowie in Unternehmen der Freizeit- und Unterhaltungsbranche.\r\nOracle Invoice Matching ist ein Tool zum Verwalten von Lieferantenrechnungen.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein Angreifer kann mehrere Schwachstellen in Oracle Retail Applications ausnutzen, um dadurch die Integrit\u00e4t, Vertraulichkeit und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-1682 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2019/wid-sec-w-2024-1682.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-1682 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-1682"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - April 2019 vom 2019-04-16",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html#AppendixRAPP"
},
{
"category": "external",
"summary": "NetApp Security Advisory NTAP-20240719-0002 vom 2024-07-19",
"url": "https://security.netapp.com/advisory/ntap-20240719-0002/"
}
],
"source_lang": "en-US",
"title": "Oracle Retail Applications: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-07-21T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:11:37.885+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-1682",
"initial_release_date": "2019-04-16T22:00:00.000+00:00",
"revision_history": [
{
"date": "2019-04-16T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-07-21T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von NetApp aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "NetApp ActiveIQ Unified Manager",
"product": {
"name": "NetApp ActiveIQ Unified Manager",
"product_id": "T034125",
"product_identification_helper": {
"cpe": "cpe:/a:netapp:active_iq_unified_manager:-"
}
}
}
],
"category": "vendor",
"name": "NetApp"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "15.0.2",
"product": {
"name": "Oracle Retail Allocation 15.0.2",
"product_id": "T014004",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_allocation:15.0.2"
}
}
}
],
"category": "product_name",
"name": "Retail Allocation"
},
{
"branches": [
{
"category": "product_version",
"name": "12",
"product": {
"name": "Oracle Retail Invoice Matching 12.0",
"product_id": "T001982",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_invoice_matching:12.0"
}
}
},
{
"category": "product_version",
"name": "13",
"product": {
"name": "Oracle Retail Invoice Matching 13.0",
"product_id": "T001985",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_invoice_matching:13.0"
}
}
},
{
"category": "product_version",
"name": "13.2",
"product": {
"name": "Oracle Retail Invoice Matching 13.2",
"product_id": "T001987",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_invoice_matching:13.2"
}
}
},
{
"category": "product_version",
"name": "14",
"product": {
"name": "Oracle Retail Invoice Matching 14.0",
"product_id": "T004005",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_invoice_matching:14.0"
}
}
},
{
"category": "product_version",
"name": "13.1",
"product": {
"name": "Oracle Retail Invoice Matching 13.1",
"product_id": "T004011",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_invoice_matching:13.1"
}
}
},
{
"category": "product_version",
"name": "15",
"product": {
"name": "Oracle Retail Invoice Matching 15.0",
"product_id": "T012089",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_invoice_matching:15.0"
}
}
},
{
"category": "product_version",
"name": "14.1",
"product": {
"name": "Oracle Retail Invoice Matching 14.1",
"product_id": "T014012",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_invoice_matching:14.1"
}
}
}
],
"category": "product_name",
"name": "Retail Invoice Matching"
},
{
"branches": [
{
"category": "product_version",
"name": "2.9.5.6",
"product": {
"name": "Oracle Retail MICROS 2.9.5.6",
"product_id": "T014005",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:micros:2.9.5.6"
}
}
},
{
"category": "product_version",
"name": "2.9.5.7",
"product": {
"name": "Oracle Retail MICROS 2.9.5.7",
"product_id": "T014006",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:micros:2.9.5.7"
}
}
},
{
"category": "product_version",
"name": "11.4",
"product": {
"name": "Oracle Retail MICROS 11.4",
"product_id": "T014007",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:micros:11.4"
}
}
},
{
"category": "product_version",
"name": "12.1.2",
"product": {
"name": "Oracle Retail MICROS 12.1.2",
"product_id": "T014008",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:micros:12.1.2"
}
}
}
],
"category": "product_name",
"name": "Retail MICROS"
},
{
"branches": [
{
"category": "product_version",
"name": "1.60.9.0.0",
"product": {
"name": "Oracle Retail Workforce Management 1.60.9.0.0",
"product_id": "T014013",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_workforce_management:1.60.9.0.0"
}
}
}
],
"category": "product_name",
"name": "Retail Workforce Management"
},
{
"branches": [
{
"category": "product_version",
"name": "7",
"product": {
"name": "Oracle Retail Xstore Point of Service 7.0",
"product_id": "T012096",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_point-of-service:7.0"
}
}
},
{
"category": "product_version",
"name": "7.1",
"product": {
"name": "Oracle Retail Xstore Point of Service 7.1",
"product_id": "T012099",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:retail_point-of-service:7.1"
}
}
}
],
"category": "product_name",
"name": "Retail Xstore Point of Service"
}
],
"category": "vendor",
"name": "Oracle"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2014-9515",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2014-9515"
},
{
"cve": "CVE-2015-9251",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2015-9251"
},
{
"cve": "CVE-2016-1000031",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2016-1000031"
},
{
"cve": "CVE-2017-5533",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2017-5533"
},
{
"cve": "CVE-2018-1000180",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000180"
},
{
"cve": "CVE-2018-1000613",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1000613"
},
{
"cve": "CVE-2018-11763",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11763"
},
{
"cve": "CVE-2018-11784",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-11784"
},
{
"cve": "CVE-2018-12022",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-12022"
},
{
"cve": "CVE-2018-12023",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-12023"
},
{
"cve": "CVE-2018-1304",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1304"
},
{
"cve": "CVE-2018-1305",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-1305"
},
{
"cve": "CVE-2018-14718",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-14718"
},
{
"cve": "CVE-2018-14719",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-14719"
},
{
"cve": "CVE-2018-14720",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-14720"
},
{
"cve": "CVE-2018-14721",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-14721"
},
{
"cve": "CVE-2018-15756",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-15756"
},
{
"cve": "CVE-2018-19360",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-19360"
},
{
"cve": "CVE-2018-19361",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-19361"
},
{
"cve": "CVE-2018-19362",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-19362"
},
{
"cve": "CVE-2018-2880",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-2880"
},
{
"cve": "CVE-2018-3120",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3120"
},
{
"cve": "CVE-2018-3312",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3312"
},
{
"cve": "CVE-2018-3314",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-3314"
},
{
"cve": "CVE-2018-7489",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-7489"
},
{
"cve": "CVE-2018-8034",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2018-8034"
},
{
"cve": "CVE-2019-2424",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2019-2424"
},
{
"cve": "CVE-2019-2558",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2019-2558"
},
{
"cve": "CVE-2019-3772",
"notes": [
{
"category": "description",
"text": "In Oracle Retail Applications existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein Angreifer die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit gef\u00e4hrden. F\u00fcr die Ausnutzung einiger dieser Schwachstellen ist keine Authentifizierung und keine Benutzerinteraktion notwendig. Oracle ver\u00f6ffentlicht keine weiteren Details zu diesen Schwachstellen (au\u00dfer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadensh\u00f6he ausschlie\u00dflich auf Basis der CVSS Impact Matrix. Der Maximalwert f\u00fcr diese Produkte ist \"High\" f\u00fcr \"Confidentiality\", \"Integrity\" und \"Availability\" und bewirkt damit eine \"hohe\" Schadensh\u00f6he."
}
],
"product_status": {
"known_affected": [
"T004011",
"T004005",
"T014007",
"T014008",
"T014005",
"T014006",
"T012089",
"T014004",
"T014012",
"T034125",
"T012099",
"T014013",
"T012096",
"T001987",
"T001985",
"T001982"
]
},
"release_date": "2019-04-16T22:00:00.000+00:00",
"title": "CVE-2019-3772"
}
]
}
ghsa-x2w5-5m2g-7h5m
Vulnerability from github
Published
2019-01-04 19:09
Modified
2023-06-12 22:34
Severity ?
Summary
XML External Entity Reference (XXE) in jackson-databind
Details
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.
{
"affected": [
{
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.9.0"
},
{
"fixed": "2.9.7"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.8.11.2"
},
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.8.0"
},
{
"fixed": "2.8.11.3"
}
],
"type": "ECOSYSTEM"
}
]
},
{
"database_specific": {
"last_known_affected_version_range": "\u003c= 2.7.9.2"
},
"package": {
"ecosystem": "Maven",
"name": "com.fasterxml.jackson.core:jackson-databind"
},
"ranges": [
{
"events": [
{
"introduced": "2.7.0"
},
{
"fixed": "2.7.9.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2018-14720"
],
"database_specific": {
"cwe_ids": [
"CWE-502",
"CWE-611"
],
"github_reviewed": true,
"github_reviewed_at": "2020-06-16T22:01:50Z",
"nvd_published_at": null,
"severity": "CRITICAL"
},
"details": "FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.",
"id": "GHSA-x2w5-5m2g-7h5m",
"modified": "2023-06-12T22:34:49Z",
"published": "2019-01-04T19:09:46Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-14720"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/issues/2097"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson-databind/commit/87d29af25e82a249ea15858e2d4ecbf64091db44"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/82b01bfb6787097427ce97cec6a7127e93718bc05d1efd5eaffc228f@%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/b0656d359c7d40ec9f39c8cc61bca66802ef9a2a12ee199f5b0c1442@%3Cdev.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ba973114605d936be276ee6ce09dfbdbf78aa56f6cdc6e79bfa7b8df@%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/f9bc3e55f4e28d1dcd1a69aae6d53e609a758e34d2869b4d798e13cc@%3Cissues.drill.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/ff8dcfe29377088ab655fda9d585dccd5b1f07fabd94ae84fd60a7f8@%3Ccommits.pulsar.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/rf1bbc0ea4a9f014cf94df9a12a6477d24a27f52741dbc87f2fd52ff2@%3Cissues.geode.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00005.html"
},
{
"type": "WEB",
"url": "https://seclists.org/bugtraq/2019/May/68"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20190530-0003"
},
{
"type": "WEB",
"url": "https://www.debian.org/security/2019/dsa-4452"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html"
},
{
"type": "WEB",
"url": "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/6a78f88716c3c57aa74ec05764a37ab3874769a347805903b393b286@%3Cdev.lucene.apache.org%3E"
},
{
"type": "WEB",
"url": "https://lists.apache.org/thread.html/519eb0fd45642dcecd9ff74cb3e71c20a4753f7d82e2f07864b5108f@%3Cdev.drill.apache.org%3E"
},
{
"type": "ADVISORY",
"url": "https://github.com/advisories/GHSA-x2w5-5m2g-7h5m"
},
{
"type": "WEB",
"url": "https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:4037"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3892"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:3149"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:2858"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1823"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1822"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1140"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1108"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1107"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:1106"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2019:0782"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHBA-2019:0959"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
],
"summary": "XML External Entity Reference (XXE) in jackson-databind"
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.